Many blog posts explain the OAuth 2.0 authorization mechanism; for a more user-friendly introduction, refer to here.
Today we put it into practice with a Java version.
1) Use your own machine as server A and start a web service with Spring Boot. Opening http://localhost:8080 in the browser shows the default page index.html, which is placed in the /resources/static path and reads as follows:
```html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
    <style>
        a { font-size: 2em }
    </style>
</head>
<body>
    <a href="https://github.com/login/oauth/authorize?client_id=9e4ff8eb94737f0baed4&redirect_uri=http://localhost:8080/oauth">
        Login with GitHub
    </a>
</body>
</html>
```
The link accesses server B, that is, GitHub's OAuth interface. Site A needs to apply to GitHub for the client_id here (after all, to obtain someone's data you have to let them know who you are).
After the application, GitHub issues a client id and a client secret to site A.
- client id: used to obtain the authorization code (code) from GitHub
- client id + client secret + code: used to obtain the access token
2) After the user clicks the link, GitHub requires the user to log in and authorize site A to obtain the corresponding data, then redirects back to the URL specified by redirect_uri. At this point the URL contains the code value as a parameter, such as http://localhost:8080/oauth?code=c26c4d0d6e52b32db593
3) After the redirect, intercept the URL and extract the code value, then use client_id, client_secret and code to request an access token from GitHub, and finally use the access token to call the GitHub API and obtain the user data.
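```java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;

@RestController
public class OAuthController {

    // Requires a RestTemplate bean (for example an @Bean method in a
    // @Configuration class); Spring Boot does not define one automatically.
    @Autowired
    private RestTemplate restTemplate;

    @RequestMapping("/oauth")
    public String oauth(@RequestParam("code") String code) {
        // get access token via authorized code
        String tokenReq = "https://github.com/login/oauth/access_token?client_id=9e4ff8eb94737f0baed4"
                + "&client_secret=replace_yours"
                + "&code=" + code;
        ResponseEntity<String> respStr = restTemplate.postForEntity(tokenReq, null, String.class);
        String body = respStr.getBody();
        if (body == null) {
            return "error occurs";
        }

        // the response body is form-encoded: access_token=...&token_type=...
        String[] params = body.split("&");
        String token_type = null, access_token = null;
        for (String param : params) {
            if (param.startsWith("access_token=")) {
                access_token = param.substring(param.indexOf("=") + 1);
            }
            if (param.startsWith("token_type=")) {
                token_type = param.substring(param.indexOf("=") + 1);
            }
        }

        // access api via token in header
        String result = null;
        if (token_type != null && access_token != null) {
            HttpHeaders headers = new HttpHeaders();
            headers.add("accept", "application/json");
            headers.add("Authorization", token_type + " " + access_token);
            HttpEntity<Void> httpEntity = new HttpEntity<>(headers);
            ResponseEntity<String> resp = restTemplate.exchange("https://api.github.com/user",
                    HttpMethod.GET, httpEntity, String.class);
            result = resp.getBody();
        }
        return result != null ? result : "error occurs";
    }
}
```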
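The login link and callback above send no `state` parameter, which GitHub's authorize endpoint accepts and echoes back on the redirect, so the callback cannot confirm that a code belongs to a login started in the same browser session. The servlet filter below is an added example, not code from the original post: it issues a random state at a hypothetical /login entry point (which index.html would link to instead of linking to GitHub directly) and rejects /oauth callbacks whose state does not match before the controller runs. The class name, session key and /login path are assumptions, as is Spring Boot 2.x (javax.servlet).

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

import javax.servlet.FilterChain;   // assumption: Spring Boot 2.x; jakarta.servlet.* on Boot 3
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

@Component   // Spring Boot registers Filter beans for every request path
public class OAuthStateFilter extends OncePerRequestFilter {   // hypothetical class name
    private static final String STATE_ATTR = "oauth_state";    // hypothetical session key
    private final SecureRandom random = new SecureRandom();

    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain)
            throws ServletException, IOException {
        String path = req.getServletPath();
        if ("/login".equals(path)) {   // hypothetical entry point replacing the direct GitHub link
            byte[] raw = new byte[32];
            random.nextBytes(raw);
            String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
            req.getSession(true).setAttribute(STATE_ATTR, state);
            // Same authorize URL as the page's link, plus the per-login state value.
            res.sendRedirect("https://github.com/login/oauth/authorize"
                    + "?client_id=9e4ff8eb94737f0baed4"
                    + "&redirect_uri=http://localhost:8080/oauth"
                    + "&state=" + state);
            return;
        }
        if ("/oauth".equals(path)) {
            HttpSession session = req.getSession(false);
            String expected = session == null ? null : (String) session.getAttribute(STATE_ATTR);
            if (session != null) session.removeAttribute(STATE_ATTR);   // single use, pass or fail
            String received = req.getParameter("state");
            if (expected == null || received == null || !MessageDigest.isEqual(
                    expected.getBytes(StandardCharsets.UTF_8), received.getBytes(StandardCharsets.UTF_8))) {
                res.sendError(HttpServletResponse.SC_FORBIDDEN, "OAuth state mismatch");
                return;   // the controller never sees the code
            }
        }
        chain.doFilter(req, res);   // state verified (or unrelated path): continue as before
    }
}
```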