spring-oauth-server/src/main/resources/templates/index.html

125 lines
4.8 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
<head>
<meta charset="utf-8"/>
<meta name="viewport" content="width=device-width,user-scalable=no"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/>
<link rel="shortcut icon" href="../static/favicon.ico" th:href="@{/favicon.ico}"/>
<title>Home - Spring Security&OAuth2.1</title>
<th:block th:insert="~{fragments/main::header-css}"/>
</head>
<body class="container">
<h2>Spring Security&OAuth2.1
<small class="badge" title="Version">3.0.0</small>
</h2>
<div>
Logged: <span class="text-success" th:text="${#authentication.principal.username}"></span>
<br/>
Authorities<span th:each="authority : ${#authentication.authorities}"
th:text="${authority.authority + ' '}"></span>
<form th:action="@{/signout}" method="post">
<button class="btn btn-info btn-sm" type="submit">Logout</button>
</form>
</div>
<br/>
<div>
操作说明:
<ol>
<li>
<p>
菜单 User 是不需要OAuth 验证即可访问的(即公开的resource); 用于管理用户信息(添加,删除等).
</p>
</li>
<li>
<p>
菜单 Unity 与 Mobile 需要登录认证后才能访问(即受保护的resource); <br/>
Unity 需要 [ROLE_UNITY] 权限, Mobile 需要 [ROLE_MOBILE] 权限.
</p>
</li>
<li>
<p>
device_login 用于在设备认证时,输入用户码(user_code)完成授权.
</p>
</li>
<li>
<p>
在使用之前, 建议先了解OAuth2.1支持的<code>grant_type</code>, 请访问 <a href="https://andaily.com/blog/?p=103"
target="_blank">https://andaily.com/blog/?p=103</a>
</p>
</li>
<li>
<p>
在项目的 others目录里有 <a
href="https://gitee.com/shengzhao/spring-oauth-server/blob/config/others/oauth2.1-flow.md"
target="_blank">oauth2.1-flow.md</a>文件, 里面有测试的URL地址(包括浏览器与客户端的),<br/>
若想访问 Unity 与 Mobile, 则先用基于浏览器的测试URL 访问,等验证通过后即可访问(注意不同的账号对应的权限).
</p>
</li>
<li>
<p>
若需要自定义<code>client_details</code>数据并进行测试,
可进入<a th:href="@{client_details}">client_details</a>去手动添加<code>client_details</code>或删除已创建的<code>client_details</code>.
</p>
</li>
</ol>
</div>
<br/>
<strong>菜单</strong>
<ul>
<li>
<p>
<a th:href="@{/api/SOS_API-2.0.html}" href="../static/api/SOS_API-2.0.html" target="_blank">API</a> <span
class="text-muted">- 查看提供的API文档</span>
</p>
</li>
<li>
<p>
<a th:href="@{client_details}">client_details</a> <span class="text-muted">- 管理ClientDetails</span>
</p>
</li>
<li>
<p>
<a th:href="@{/oauth2/device_verification}">device_login</a> <span
class="text-muted">- [device_code]流程中使用</span> <em class="label label-success">OAuth2.1新增</em>
</p>
</li>
<li sec:authorize="hasRole('ROLE_ADMIN')">
<p>
<a th:href="@{/user/overview}">User</a> <span class="text-muted">- 管理User</span>
</p>
</li>
<li sec:authorize="hasRole('ROLE_UNITY')">
<p>
<a th:href="@{/unity/dashboard}">Unity</a> <span class="text-muted">- Unity 资源(resource), 需要具有 [ROLE_UNITY] 权限才能访问</span>
</p>
</li>
<li sec:authorize="hasRole('ROLE_MOBILE')">
<p>
<a th:href="@{/m/dashboard}">Mobile</a> <span class="text-muted">- Mobile资源(resource), 需要具有 [ROLE_MOBILE] 权限才能访问</span>
</p>
</li>
</ul>
<br/>
<div class="well well-sm">
<p>
<strong>说明</strong>: Unity与Mobile菜单需要先获取到<code>access_token</code>后才能正常访问; 可以尝试在URL后面任意添加access_token参数值试试效果,
<br/>
如: <a th:href="@{/m/dashboard?access_token=i_am_testing_access_token}">/m/dashboard?access_token=i_am_testing_access_token</a>
</p>
<p>
请求受保护的资源时传递
<mark>Access Token</mark>
有两种方式, 方式一在URL参数中添加<code>access_token</code>, 方式二在请求的Header中添加 <em>Authorization</em>, 其值为 <em>Bearer
your_access_token</em>【推荐方式二】
</p>
</div>
<div th:replace="~{fragments/main :: footer}"/>
</body>
</html>