-
Notifications
You must be signed in to change notification settings - Fork 288
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #939 from longguikeji/feature-12
feat: 🎸 增加了oidc和oauth2的文档,创建应用去掉多的字段和不同步用户权限的bug;token,用户信息接口更新
- Loading branch information
Showing
6 changed files
with
440 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,199 @@ | ||
# OAuth2 | ||
|
||
OAuth2是一个授权的开放协议 | ||
|
||
## 添加OAuth2应用 | ||
|
||
=== "打开应用列表" | ||
|
||
[![X55Ch4.md.jpg](https://s1.ax1x.com/2022/06/14/X55Ch4.md.jpg)](https://imgtu.com/i/X55Ch4) | ||
|
||
=== "点击创建,填写表单" | ||
|
||
点击确认后,对话框关闭,可以看到你创建的应用。 | ||
|
||
[![XT9IET.md.jpg](https://s1.ax1x.com/2022/06/15/XT9IET.md.jpg)](https://imgtu.com/i/XT9IET) | ||
|
||
=== "点击协议配置" | ||
|
||
[![XT9LvR.md.jpg](https://s1.ax1x.com/2022/06/15/XT9LvR.md.jpg)](https://imgtu.com/i/XT9LvR) | ||
|
||
=== "填写配置" | ||
应用类型选择为OIDC,填写参数,创建完毕 | ||
|
||
[![XTCP8H.md.jpg](https://s1.ax1x.com/2022/06/15/XTCP8H.md.jpg)](https://imgtu.com/i/XTCP8H) | ||
|
||
=== "再次点击协议配置" | ||
即可查看该协议所有相关的参数。 | ||
|
||
[![XTCMGQ.md.jpg](https://s1.ax1x.com/2022/06/15/XTCMGQ.md.jpg)](https://imgtu.com/i/XTCMGQ) | ||
|
||
|
||
## 使用OAuth2应用 | ||
|
||
1. ### 明白页面字段含义 | ||
|
||
[![XTirE6.md.jpg](https://s1.ax1x.com/2022/06/15/XTirE6.md.jpg)](https://imgtu.com/i/XTirE6) | ||
|
||
| 英文参数名称 | 对应页面字段 | | ||
| :---------: | :----------------------------------: | | ||
| `redirect url` | 回调地址 | | ||
| `client_id` | 客户端id | | ||
| `client_token` | 客户端秘钥 | | ||
| `authorize url` | 授权url | | ||
| `get token url` | 获取access_token地址 | | ||
| `userinfo url` | 用户信息地址 | | ||
| `logout url` | 退出登录地址 | | ||
|
||
|
||
2. ### 获取Authorization Code | ||
|
||
- 请求地址: `authorize url` | ||
- 请求方式: GET | ||
- 请求参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `client_id` | `client_id` | | ||
| `redirect_uri` | `redirect url` | | ||
| `response_type`| 填入code | code | ||
| `scope` | 可选 ( openid userinfo) | 如果传递openid,获取token会多一个id_token | ||
|
||
- 请求示例: http://authorize url/?client_id=xxxxx&redirect_uri=xxxxx&response_type=code&scope=userinfo | ||
- 返回参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `code` | 授权码 | | ||
|
||
- 返回示例: http://redirect_uri?code=XEV8esOvaVk9wyAuiNXpb3Nuwn5av9&token=cd34840ffc804b894ede31bc21b176ef559e137f | ||
|
||
|
||
3. ### 获取Access Token | ||
|
||
- 请求地址: `get token url` | ||
- 请求方式: POST | ||
- 请求头参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `Authorization` | 这个token由client_id和client_secret生成 | Basic Token | ||
| `Content-Type` | 填入multipart/form-data | | ||
|
||
- 请求参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `code` | 授权码 | | ||
| `grant_type` | 填入authorization_code | | ||
|
||
|
||
- 请求示例: | ||
|
||
[![XoX9Z4.md.jpg](https://s1.ax1x.com/2022/06/15/XoX9Z4.md.jpg)](https://imgtu.com/i/XoX9Z4) | ||
|
||
- 返回参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `access_token` | 令牌 | | ||
| `expires_in` | 过期时间 | | ||
| `token_type` | Bearer | | ||
| `scope` | userinfo openid | | ||
| `refresh_token` | 用于更新令牌的令牌 | | ||
|
||
- 返回示例: | ||
``` json | ||
{ | ||
"access_token": "cFcWq78HH9MKVQOFJgGPl6RFtESAc2", | ||
"expires_in": 36000, | ||
"token_type": "Bearer", | ||
"scope": "userinfo", | ||
"refresh_token": "oRHcgoGYsL5h1UimT4rWcg93lcTyjN" | ||
} | ||
``` | ||
|
||
|
||
4. ### 获取用户信息 | ||
|
||
- 请求地址: `userinfo url` | ||
- 请求方式: GET | ||
- 请求头参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `Authorization` | Bearer access_token | Bearer cFcWq78HH9MKVQOFJgGPl6RFtESAc2 | ||
|
||
- 返回参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `id` | 用户id | | ||
| `name` | 用户名称 | | ||
| `sub` | 用户id | | ||
| `sub_id` | 用户id | | ||
| `preferred_username` | 用户名 | | ||
| `groups` | 用户分组 | | ||
| `tenant_id` | 租户id | | ||
| `tenant_slug` | 租户slug | | ||
|
||
- 返回示例: | ||
``` json | ||
{ | ||
"id": "faf5aae6-3cdf-4595-8b4a-3a06b31117c8", | ||
"name": "admin", | ||
"sub": "faf5aae6-3cdf-4595-8b4a-3a06b31117c8", | ||
"sub_id": "faf5aae6-3cdf-4595-8b4a-3a06b31117c8", | ||
"preferred_username": "admin", | ||
"groups": [ | ||
], | ||
"tenant_id": "4da114ce-e115-44a0-823b-d372114425d0", | ||
"tenant_slug": "" | ||
} | ||
``` | ||
|
||
5. ### 刷新token | ||
|
||
这一步是可选的如果颁发的令牌过了有效期,可以使用这个接口更换新的令牌 | ||
|
||
- 请求地址: `get token url` | ||
- 请求方式: POST | ||
- 请求头参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `Authorization` | 这个token由client_id和client_secret生成 | Basic Token | ||
| `Content-Type` | 填入multipart/form-data | | ||
|
||
- 请求参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `refresh_token` | 更新令牌 | | ||
| `grant_type` | 填入refresh_token | | ||
|
||
|
||
- 请求示例: | ||
|
||
[![XozCX6.md.jpg](https://s1.ax1x.com/2022/06/15/XozCX6.md.jpg)](https://imgtu.com/i/XozCX6) | ||
|
||
- 返回参数: | ||
|
||
| 参数名称 | 参数说明 | 示例 | | ||
| :---------: | :--------------: | :--------------: | | ||
| `access_token` | 令牌 | | ||
| `expires_in` | 过期时间 | | ||
| `token_type` | Bearer | | ||
| `scope` | userinfo openid | | ||
| `refresh_token` | 用于更新令牌的令牌 | | ||
|
||
- 返回示例: | ||
``` json | ||
{ | ||
"access_token": "51s34LPxhhKlUTP5r5mHevGW7ussXC", | ||
"expires_in": 36000, | ||
"token_type": "Bearer", | ||
"scope": "userinfo", | ||
"refresh_token": "68trmzGvLmmbjACnHFGgzoCl5LBOrJ" | ||
} | ||
``` |
Oops, something went wrong.