Shulou(Shulou.com)06/02 Report--

This article mainly introduces "the use of spring-security-oauth2". In the daily operation, I believe that many people have doubts about the use of spring-security-oauth2. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful for you to answer the doubts about the use of spring-security-oauth2. Next, please follow the editor to study!

The git address is presented.

Https://gitee.com/luck/oauth3.git

# SpringBoot2 + spring-security-oauth3 uses an example to implement the following four and authorization modes.

(1) Authorization code mode (Authorization Code)

(2) simplified Authorization Code Mode (Implicit)

(3) Pwd mode (Resource Owner Password Credentials)

(4) Client mode (Client Credentials)

The password for all users and client provided by the project is 123456.

# install and run

Import oauth3.sql

Modify the data source of application.yml

Running

Instructions for using mvn spring-boot:run Authorization Code Mode (Authorization Code)

Try to access user information directly

Http://localhost:8080/user/info

Prompt that authentication is required:

Full authentication is required to access this resource unauthorized

Try to get the authorization code

Http://localhost:8080/oauth/authorize?client_id=client_3&response_type=code&scope=read&redirect_uri=http://localhost:8080/code?client_id=client_3

Because HTTP Basic authentication pops up here, only users who must log in can apply for code.

Enter user name and password

Username=user_1

Passpord=123456

As shown above, the user name and password are given to the main filter of SpringSecurity for authentication.

After the login is successful, really apply for the authorization code.

If the oauth/authorize authentication is successful, it will be redirected according to redirect_uri with the generated code. Note that the redirect is port 8080, which is another application at this time.

Http://localhost:8080/code?client_id=client_3&code=c3FbHM

A http request is encapsulated in the code, and the application for token is sent to the authentication server using restTemplate. Of course, the application is made using code, and finally the access_token is successfully obtained.

{"access_token": "5db93d64-2252-4349-90a3-e4d6637f90ae", "refresh_token": "5a67faae-38ed-4e5c-a809-c9d07c16abcb", "scope": "read", "token_type": "bearer", "expires_in": 42494}

Access user information with access_token

Http://localhost:8080/user/info?access_token=5db93d64-2252-4349-90a3-e4d6637f90ae

Normal return information

{"password": null, "username": "user_1", "authorities": [{"authority": "ROLE_USER"}], "accountNonExpired": true, "accountNonLocked": true, "credentialsNonExpired": true, "enabled": true} Authorization simplified Mode (Implicit) usage instructions

The difference between Implicit and Authorization_code is that Implicit does not need to verify client_secret. If the request succeeds, it will directly return token.

Get authorization code

Http://localhost:8080/oauth/authorize?response_type=token&client_id=client_4&scope=read&redirect_uri=http://localhost:8080/param

Redirect to URL if successful (token is in URL)

Instructions for using http://localhost:8080/param#access_token=85090391-2c33-4a75-a989-116bb06b0c5a&token_type=bearer&expires_in=42962&scope=read password Mode (Resource Owner Password Credentials)

Request Access Token:

Http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=client_credentials&scope=read&client_id=client_1&client_secret=123456

Normal return information

{"access_token": "fb1a1d03-9658-4d92-822a-d988c9f7a923", "token_type": "bearer", "expires_in": 43148, "scope": "read"} Client mode (Client Credentials) instructions

Request Access Token:

Http://localhost:8080/oauth/token?grant_type=client_credentials&scope=read&client_id=client_1&client_secret=123456

Normal return information

{"access_token": "fb1a1d03-9658-4d92-822a-d988c9f7a923", "token_type": "bearer", "expires_in": 42811, "scope": "read"} this is the end of the study on "how to use spring-security-oauth2", hoping to solve everyone's doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.