1
https://www.idp.com/oauth/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=CALLBACK_URL&scope=read
response_type参数表示要求返回授权码(code)client_id参数让认证源知道是哪个系统在请求用户信息redirect_uri参数是IDP网站接受或拒绝请求后的跳转网址scope参数表示要求的授权范围
- 用户跳转后,IDP网站会要求用户登录,然后询问是否同意给予SP网站授权。用户表示同意之后,这时IDP网站就会跳回
redirect_uri参数指定的网址。跳转时,会传回一个授权码。
1
https://www.sp.com/callback?code=AUTHORIZATION_CODE
1
curl
2
-X POST https://www.idp.com/oauth/token
3
-H
'Content-Type:application/x-www-form-urlencoded'
4
-H
'Authorization:Basic {CLIENT_ID: CLIENT_SECRET}'
5
-d
'{grant_type=authorization_code&
6
code={code}&
7
redirect_uri=https://www.sp.com/callback
8
9
client_id=CLIENT_ID&
10
client_secret=CLIENT_SECRET&
11
grant_type=authorization_code&
12
code=AUTHORIZATION_CODE&
13
redirect_uri=CALLBACK_URL
14
}'
1
HTTP/
1.1
200
OK
2
Content-Type
:
application/json
3
{
4
"access_token"
:
"xxxxxxx"
,
5
"refresh_token"
:
"xxxxxxxxx"
,
6
"token_type"
:
"Bearer"
,
7
"expires_in"
:
3600
8
}
1
https://www.idp.com/oauth/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=CALLBACK_URL&scope=read
1
https://www.sp.com/callback#access_token=2YotnFZFEjr1zCsicMWpAA&token_type=Bearer&expires_in=3600
1
curl
2
-X POST https://www.idp.com/oauth/token
3
-H
'Content-Type:application/x-www-form-urlencoded'
4
-H
'Authorization:Basic {CLIENT_ID: CLIENT_SECRET}'
5
-d
'{grant_type=password&
6
username=USERNAME&
7
password=PASSWORD
8
}'
1
HTTP/
1.1
200
OK
2
Content-Type
:
application/json
3
{
4
"access_token"
:
"xxxxxxx"
,
5
"refresh_token"
:
"xxxxxxxxx"
,
6
"token_type"
:
"Bearer"
,
7
"expires_in"
:
3600
8
}
1
curl
2
-X POST https://www.idp.com/oauth/token
3
-H
'Content-Type:application/x-www-form-urlencoded'
4
-H
'Authorization:Basic {CLIENT_ID: CLIENT_SECRET}'
5
-d
'{grant_type=client_credentials
6
}'
1
HTTP/
1.1
200
OK
2
Content-Type
:
application/json
3
{
4
"access_token"
:
"xxxxxxx"
,
5
"refresh_token"
:
"xxxxxxxxx"
,
6
"token_type"
:
"Bearer"
,
7
"expires_in"
:
3600
8
}
1
https://www.idp.com/oauth/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=CALLBACK_URL&scope=read&code_chanllenge=CODE_CHANLLENGE
1
https://www.sp.com/callback?code=AUTHORIZATION_CODE
1
curl
2
-X POST https://www.idp.com/oauth/token
3
-H
'Content-Type:application/x-www-form-urlencoded'
4
-H
'Authorization:Basic {CLIENT_ID: CODE_VERIFY}'
5
-d
'{ grant_type=authorization_code&
6
code={code}&
7
redirect_uri=https://www.sp.com/callback
8
9
client_id=CLIENT_ID&
10
code_verifier=CODE_VERIFY&
11
grant_type=authorization_code&
12
code=AUTHORIZATION_CODE&
13
redirect_uri=CALLBACK_URL
14
}'
1
HTTP/
1.1
200
OK
2
Content-Type
:
application/json
3
{
4
"access_token"
:
"xxxxxxx"
,
5
"refresh_token"
:
"xxxxxxxxx"
,
6
"token_type"
:
"Bearer"
,
7
"expires_in"
:
3600
8
}
1
curl
2
-X GET https://www.idp.com/oauth/user_info
3
-H
'Content-Type:application/json '
4
-H
'Authorization:Bearer {access_token}'
1
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容,请联系我们,一经查实,本站将立刻删除。
如需转载请保留出处:https://51itzy.com/kjqy/250465.html