Spring Security + OAuth2 password mode authorization: issue token, verify token, refresh token

OAuth2 Password Mode Authorization

The difference between the password mode (Resource Owner Password Credentials) and the authorization code mode is that no authorization code is used to apply for the token; the token is applied for directly with the user name and password.
The test is as follows:
Post request: http://localhost:40400/auth/oauth/token
Parameters:
grant_type: fixed as password for password mode authorization
username: account
password: password
This endpoint requires HTTP Basic authentication with the client id and client secret.

The above parameters are transmitted as x-www-form-urlencoded; the Postman test is as follows.
Note: While the token has not expired, the same user applying for a token again receives the same token; no new token is issued.

Check token

Spring Security OAuth2 provides an endpoint for validating tokens, as follows:

Get: http://localhost:40400/auth/oauth/check_token?token=xxx

Parameters:
token: the access token to check
Use Postman to test as follows.
The result is as follows:
exp: expiration time, long type, the number of seconds since 1970 (in JavaScript, new Date().getTime() returns the current time as milliseconds since 1970, so divide by 1000 before comparing).
user_name: username
client_id: client id, configured in the oauth_client_details table
scope: client scope, configured in the oauth_client_details table
jti: unique identifier corresponding to the token
companyId, userpic, name, utype, id: user identity fields extended by this authentication service on top of Spring Security

{
	"companyId": null,
	"userpic": null,
	"user_name": "mrt",
	"scope": [
		"app"
	],
	"name": null,
	"utype": null,
	"id": null,
	"exp": 1531254828,
	"jti": "6a00f227-4c30-47dc-a959-c0c147806462",
	"client_id": "XcWebApp"
}

Refresh token

Refreshing a token regenerates the token when it is about to expire. Unlike the authorization code grant and the password grant, the refresh grant needs neither an authorization code nor an account and password; it only requires the refresh token together with the client id and client secret.
The test is as follows:

Post:http://localhost:40400/auth/oauth/token

Parameters:
grant_type: fixed as refresh_token
refresh_token: the refresh token (not the access_token, but the refresh_token)

If the refresh succeeds, a new access token and a new refresh token are issued, and the new token's validity period extends beyond that of the old one.
Tokens are usually refreshed shortly before they expire.
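The three requests above (password grant, check_token, refresh grant) as a small Python client, added here as an example and not code from the original post or from Spring Security; the client id XcWebApp and the URLs come from the page, the client secret and sample tokens are placeholders.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "http://localhost:40400/auth/oauth/token"        # from the page
CHECK_URL = "http://localhost:40400/auth/oauth/check_token"  # from the page


def basic_auth_header(client_id: str, client_secret: str) -> str:
    """HTTP Basic value that /oauth/token requires (client id and secret)."""
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def password_grant_body(username: str, password: str) -> str:
    """x-www-form-urlencoded body for the Resource Owner Password grant."""
    return urllib.parse.urlencode(
        {"grant_type": "password", "username": username, "password": password})


def refresh_grant_body(refresh_token: str) -> str:
    """Body for the refresh grant: only the refresh_token, never the access_token."""
    return urllib.parse.urlencode(
        {"grant_type": "refresh_token", "refresh_token": refresh_token})


def check_token_url(token: str) -> str:
    """GET URL for the check_token endpoint."""
    return CHECK_URL + "?" + urllib.parse.urlencode({"token": token})


def post_token(body: str, client_id: str, client_secret: str) -> dict:
    """POST a grant body to /oauth/token with Basic auth; needs a running server."""
    req = urllib.request.Request(TOKEN_URL, data=body.encode("ascii"), method="POST")
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    req.add_header("Authorization", basic_auth_header(client_id, client_secret))
    with urllib.request.urlopen(req) as resp:
        return json.loads(resp.read().decode("utf-8"))


def seconds_until_expiry(check_token_json: dict, now=None) -> int:
    """'exp' is seconds since 1970, so compare it with the time in seconds, not ms."""
    now = int(time.time()) if now is None else now
    return int(check_token_json["exp"]) - now


def should_refresh(check_token_json: dict, now: int, threshold_s: int = 300) -> bool:
    """Refresh shortly before expiry instead of after the token is rejected."""
    return seconds_until_expiry(check_token_json, now) <= threshold_s


# Constructed sample matching the check_token response shown on this page.
SAMPLE_CHECK_TOKEN = json.loads(
    '{"user_name":"mrt","scope":["app"],"exp":1531254828,'
    '"jti":"6a00f227-4c30-47dc-a959-c0c147806462","client_id":"XcWebApp"}')
```

Call post_token(password_grant_body("mrt", "..."), "XcWebApp", "<client secret>") once to obtain access_token and refresh_token, then post_token(refresh_grant_body(refresh_token), ...) when should_refresh() reports the access token is close to its exp.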

Origin blog.csdn.net/a772304419/article/details/132085419