springsecurity oauth2 授权码模式流程

authorization_code

1.客户端站点尝试获取授权码

http://authServer/oauth/authorize?response_type=code&client_id=client_id&redirect_uri=http://clientSite

2.用户认证，输入用户名密码

http://authServer/login

3.OAuth授权，选择授权scope

http://authServer/oauth/authorize?response_type=code&client_id=client_id&redirect_uri=http://clientSite

4.客户端站点获取授权码

http://clientSite/?code=WHV34h

5.客户端站点使用授权码和客户端密码获取token

http://authServer/oauth/token?client_id=client_id&redirect_uri=http://clientSite&code=WHV34h&grant_type=authorization_code&client_secret=password 返回数据格式:

{
    "access_token": "2a04fdc1-32b9-48b7-b748-8d94c25dbcf7",
    "token_type": "bearer",
    "refresh_token": "4090d5ff-a876-4b2b-ab54-7677d2d45ac8",
    "scope": "all"
}

6.客户端使用token访问资源

http://resourceServer/?access_token=2a04fdc1-32b9-48b7-b748-8d94c25dbcf7

7.资源校验token

http://localhost:11000/oauth/check_token basic auth: username: client_id password: password form-data: token=2a04fdc1-32b9-48b7-b748-8d94c25dbcf7 返回数据格式

{
    "active": true,
    "user_name": "user",
    "authorities": [
        "ROLE_USER"
    ],
    "client_id": "client_id",
    "scope": [
        "all"
    ]
}