gitee
/
spring-oauth-server
mirror of https://gitee.com/shengzhao/spring-oauth-server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2.1.1'
${ noResults }
spring-oauth-server/others/oauth_test.txt

98 lines
5.3 KiB
Raw Permalink Blame History Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

最后更新2021-11-20
从v2.1.x版本开始推荐使用 admin账号登录系统后在界面进行测试。
方式1:基于浏览器 (访问时后跳到登录页面,登录成功后跳转到redirect_uri指定的地址) [GET]
说明:只能使用admin或unity 账号登录才能有权限访问,若使用mobile账号登录将返回Access is denied
http://localhost:8080/oauth/authorize?client_id=unity-client&redirect_uri=http%3a%2f%2flocalhost%3a8080%2funity%2fdashboard&response_type=code&scope=read
说明: 由于mobile-client只支持password,refresh_token, 所以不管用哪个账号登录后都将返回 OAuth Error
http://localhost:8080/oauth/authorize?client_id=mobile-client&redirect_uri=http%3a%2f%2flocalhost%3a8080%2fm%2fdashboard&response_type=code&scope=read
响应的URL如:
http://localhost:8080/unity/dashboard?code=hGQ8qx
通过code换取access_token [POST] (注意这一步用httpclient在程序中调用不要在浏览器中)
http://localhost:8080/oauth/token?client_id=unity-client&client_secret=unity&grant_type=authorization_code&code=hGQ8qx&redirect_uri=http%3a%2f%2flocalhost%3a8080%2funity%2fdashboard
方式2:基于客户端 (注意参数中的username,password,对应用户的账号,密码) [POST] (注意这一步用httpclient在程序中调用不要在浏览器中)
http://localhost:8080/oauth/token?client_id=mobile-client&client_secret=mobile&grant_type=password&scope=read&username=mobile&password=mobile
说明:由于unity-client不支持password,所以若用unity-client通过password方式去授权,将返回 invalid_client
http://localhost:8080/oauth/token?client_id=unity-client&client_secret=unity&grant_type=password&scope=read&username=mobile&password=mobile
获取access_token响应的数据如:
{"access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic29zLXJlc291cmNlIl0sImdyYW50X3R5cGUiOiJhdXRob3JpemF0aW9uX2NvZGUiLCJ1c2VyX25hbWUiOiJhZG1pbiIsInNjb3BlIjpbInJlYWQiXSwiZXhwIjoxNjM3NDY0NTY3LCJhdXRob3JpdGllcyI6WyJST0xFX01PQklMRSIsIlJPTEVfQURNSU4iLCJST0xFX1VTRVIiLCJST0xFX1VOSVRZIl0sImp0aSI6IjBkOWRjN2M2LTJlODEtNDE3MS1iZjg2LWU1MzE2YmJhN2VmYiIsImNsaWVudF9pZCI6InVuaXR5LWNsaWVudCJ9._Jy_h_KIlK-eWWs1EH6_sdjhSon2QlX3dQrh4BZcx3k","token_type":"bearer","refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic29zLXJlc291cmNlIl0sImdyYW50X3R5cGUiOiJhdXRob3JpemF0aW9uX2NvZGUiLCJ1c2VyX25hbWUiOiJhZG1pbiIsInNjb3BlIjpbInJlYWQiXSwiYXRpIjoiMGQ5ZGM3YzYtMmU4MS00MTcxLWJmODYtZTUzMTZiYmE3ZWZiIiwiZXhwIjoxNjQwMDEzMzY3LCJhdXRob3JpdGllcyI6WyJST0xFX01PQklMRSIsIlJPTEVfQURNSU4iLCJST0xFX1VTRVIiLCJST0xFX1VOSVRZIl0sImp0aSI6IjZlNDAwODI5LTM2NmEtNGNjZi1hMTI4LWJkNmQzZjdkNTk3NSIsImNsaWVudF9pZCI6InVuaXR5LWNsaWVudCJ9.dTo_hC7vm54NNySEEexzPld6uFypAzI0McyjXH-ucG0","expires_in":43199,"scope":"read","jti":"0d9dc7c6-2e81-4171-bf86-e5316bba7efb"}
获取access_token后访问资源 [GET]
http://localhost:8080/unity/dashboard?access_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic29...
刷新access_token [POST] (注意这一步用httpclient在程序中调用不要在浏览器中)
http://localhost:8080/oauth/token?client_id=mobile-client&client_secret=mobile&grant_type=refresh_token&refresh_token=b36f4978-a172-4aa8-af89-60f58abe3ba1
Restful OAuth2 Test [POST] (注意这一步用httpclient在程序中调用不要在浏览器中)
URL: /oauth/rest_token
ContentType: application/json
DEMO URL: http://localhost:8080/oauth2/rest_token
Request Body:
{"grant_type":"client_credentials","scope":"read","client_id":"credentials","client_secret":"credentials","username":"user","password":"123"}
Response Body:
{
"access_token": "cd165ebc-562d-45df-8488-9f1ba947553e",
"token_type": "bearer",
"expires_in": 43193,
"scope": "read"
}
更多的测试请访问
https://gitee.com/mkk/spring-oauth-client
------------------------------------------------------------------------------------------------
grant_type(授权方式)
1.authorization_code 授权码模式(即先登录获取code,再获取token)
2.password 密码模式(将用户名,密码传过去,直接获取token)
3.refresh_token 刷新token
4.implicit 简化模式(在redirect_uri 的Hash传递token; Auth客户端运行在浏览器中,如JS,Flash)
5.client_credentials 客户端模式(无用户,用户向客户端注册,然后客户端以自己的名义向'服务端'获取资源)
scope
1.read
2.write
3.trust
------------------------------------------------------------------------------------------------
Resource API
Use it get resource-server resources after auth successful. will use it in <spring-oauth-client> project.
(retrieve current logged user information)
[ROLE_UNITY]
http://localhost:8080/unity/user_info?access_token=b03b99a1-f128-4d6e-b9d3-38a0ebcab5ef
Response JSON
{"archived":false,"email":"unity@wdcy.cc","guid":"55b713df1c6f423e842ad68668523c49","phone":"","privileges":["UNITY"],"username":"unity"}
[ROLE_MOBILE]
http://localhost:8080/m/user_info?access_token=20837fa5-a0a1-4c76-9083-1f0e47ca0208
Response JSON
{"archived":false,"email":"mobile@wdcy.cc","guid":"612025cb3f964a64a48bbdf77e53c2c1","phone":"","privileges":["MOBILE"],"username":"mobile"}
Reference in new issue View Git Blame Copy Permalink