oauth2 What the Heck is OAuth? | Okta Developer
The actors in OAuth flows are as follows:
- Resource Owner: owns the data in the resource server. For example, I’m the Resource Owner of my Facebook profile.
- Resource Server: The API which stores data the application wants to access
- Client: the application that wants to access your data
- Authorization Server: The main engine of OAuth
OAuth Token
①:access_token
存在过期时间,可能是12个小时,由Authorization Server 颁发并决定它的过期时间。
②:refresh_token
一般比access_token的过期时间长点,用来重新获取access_token。
项目结构