authorization_code
1.客户端站点尝试获取授权码
http://authServer/oauth/authorize?response_type=code&client_id=client_id&redirect_uri=http://clientSite
2.用户认证,输入用户名密码
http://authServer/login
3.OAuth授权,选择授权scope
http://authServer/oauth/authorize?response_type=code&client_id=client_id&redirect_uri=http://clientSite
4.客户端站点获取授权码
http://clientSite/?code=WHV34h
5.客户端站点使用授权码和客户端密码获取token
http://authServer/oauth/token?client_id=client_id&redirect_uri=http://clientSite&code=WHV34h&grant_type=authorization_code&client_secret=password
返回数据格式:
{
"access_token": "2a04fdc1-32b9-48b7-b748-8d94c25dbcf7",
"token_type": "bearer",
"refresh_token": "4090d5ff-a876-4b2b-ab54-7677d2d45ac8",
"scope": "all"
}
6.客户端使用token访问资源
http://resourceServer/?access_token=2a04fdc1-32b9-48b7-b748-8d94c25dbcf7
7.资源校验token
http://localhost:11000/oauth/check_token
basic auth:
username: client_id
password: password
form-data:
token=2a04fdc1-32b9-48b7-b748-8d94c25dbcf7
返回数据格式
{
"active": true,
"user_name": "user",
"authorities": [
"ROLE_USER"
],
"client_id": "client_id",
"scope": [
"all"
]
}