125 lines
4.8 KiB
HTML
125 lines
4.8 KiB
HTML
<!DOCTYPE html>
|
||
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
|
||
<head>
|
||
<meta charset="utf-8"/>
|
||
<meta name="viewport" content="width=device-width,user-scalable=no"/>
|
||
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/>
|
||
<link rel="shortcut icon" href="../static/favicon.ico" th:href="@{/favicon.ico}"/>
|
||
|
||
<title>Home - Spring Security&OAuth2.1</title>
|
||
|
||
<th:block th:insert="~{fragments/main::header-css}"/>
|
||
</head>
|
||
<body class="container">
|
||
<h2>Spring Security&OAuth2.1
|
||
<small class="badge" title="Version">3.0.0</small>
|
||
</h2>
|
||
|
||
<div>
|
||
Logged: <span class="text-success" th:text="${#authentication.principal.username}"></span>
|
||
<br/>
|
||
Authorities:<span th:each="authority : ${#authentication.authorities}"
|
||
th:text="${authority.authority + ' '}"></span>
|
||
|
||
<form th:action="@{/signout}" method="post">
|
||
<button class="btn btn-info btn-sm" type="submit">Logout</button>
|
||
</form>
|
||
</div>
|
||
<br/>
|
||
<div>
|
||
操作说明:
|
||
<ol>
|
||
<li>
|
||
<p>
|
||
菜单 User 是不需要OAuth 验证即可访问的(即公开的resource); 用于管理用户信息(添加,删除等).
|
||
</p>
|
||
</li>
|
||
<li>
|
||
<p>
|
||
菜单 Unity 与 Mobile 需要登录认证后才能访问(即受保护的resource); <br/>
|
||
Unity 需要 [ROLE_UNITY] 权限, Mobile 需要 [ROLE_MOBILE] 权限.
|
||
</p>
|
||
</li>
|
||
<li>
|
||
<p>
|
||
device_login 用于在设备认证时,输入用户码(user_code)完成授权.
|
||
</p>
|
||
</li>
|
||
<li>
|
||
<p>
|
||
在使用之前, 建议先了解OAuth2.1支持的<code>grant_type</code>, 请访问 <a href="https://andaily.com/blog/?p=103"
|
||
target="_blank">https://andaily.com/blog/?p=103</a>
|
||
</p>
|
||
</li>
|
||
<li>
|
||
<p>
|
||
在项目的 others目录里有 <a
|
||
href="https://gitee.com/shengzhao/spring-oauth-server/blob/config/others/oauth2.1-flow.md"
|
||
target="_blank">oauth2.1-flow.md</a>文件, 里面有测试的URL地址(包括浏览器与客户端的),<br/>
|
||
若想访问 Unity 与 Mobile, 则先用基于浏览器的测试URL 访问,等验证通过后即可访问(注意不同的账号对应的权限).
|
||
</p>
|
||
</li>
|
||
<li>
|
||
<p>
|
||
若需要自定义<code>client_details</code>数据并进行测试,
|
||
可进入<a th:href="@{client_details}">client_details</a>去手动添加<code>client_details</code>或删除已创建的<code>client_details</code>.
|
||
</p>
|
||
</li>
|
||
</ol>
|
||
</div>
|
||
<br/>
|
||
<strong>菜单</strong>
|
||
<ul>
|
||
<li>
|
||
<p>
|
||
<a th:href="@{/api/SOS_API-2.0.html}" href="../static/api/SOS_API-2.0.html" target="_blank">API</a> <span
|
||
class="text-muted">- 查看提供的API文档</span>
|
||
</p>
|
||
</li>
|
||
<li>
|
||
<p>
|
||
<a th:href="@{client_details}">client_details</a> <span class="text-muted">- 管理ClientDetails</span>
|
||
</p>
|
||
</li>
|
||
<li>
|
||
<p>
|
||
<a th:href="@{/oauth2/device_verification}">device_login</a> <span
|
||
class="text-muted">- [device_code]流程中使用</span> <em class="label label-success">OAuth2.1新增</em>
|
||
</p>
|
||
</li>
|
||
<li sec:authorize="hasRole('ROLE_ADMIN')">
|
||
<p>
|
||
<a th:href="@{/user/overview}">User</a> <span class="text-muted">- 管理User</span>
|
||
</p>
|
||
</li>
|
||
<li sec:authorize="hasRole('ROLE_UNITY')">
|
||
<p>
|
||
<a th:href="@{/unity/dashboard}">Unity</a> <span class="text-muted">- Unity 资源(resource), 需要具有 [ROLE_UNITY] 权限才能访问</span>
|
||
</p>
|
||
</li>
|
||
<li sec:authorize="hasRole('ROLE_MOBILE')">
|
||
<p>
|
||
<a th:href="@{/m/dashboard}">Mobile</a> <span class="text-muted">- Mobile资源(resource), 需要具有 [ROLE_MOBILE] 权限才能访问</span>
|
||
</p>
|
||
</li>
|
||
</ul>
|
||
<br/>
|
||
|
||
<div class="well well-sm">
|
||
<p>
|
||
<strong>说明</strong>: Unity与Mobile菜单需要先获取到<code>access_token</code>后才能正常访问; 可以尝试在URL后面任意添加access_token参数值试试效果,
|
||
<br/>
|
||
如: <a th:href="@{/m/dashboard?access_token=i_am_testing_access_token}">/m/dashboard?access_token=i_am_testing_access_token</a>
|
||
</p>
|
||
|
||
<p>
|
||
请求受保护的资源时传递
|
||
<mark>Access Token</mark>
|
||
有两种方式, 方式一在URL参数中添加<code>access_token</code>, 方式二在请求的Header中添加 <em>Authorization</em>, 其值为 <em>Bearer
|
||
your_access_token</em>【推荐方式二】
|
||
</p>
|
||
</div>
|
||
|
||
<div th:replace="~{fragments/main :: footer}"/>
|
||
</body>
|
||
</html> |