授權服務器入門(一)
本文主要講授權服務器基本入門,還有client_credentials和password授權方式。client_credentials是機器或應用之間交互,沒有用戶介入,不對外開放註冊。password需要用戶交互,在獲取服務器資源之前需要用戶名和密碼認證。另外password的授權方式返回的token有refresh_token,而client_credentials沒有。 
1 工程代碼
1.1Maven依賴
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
1.2 AuthorizationServer05Application.java 配置信息
package com.example.authorizationserver05;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@EnableAuthorizationServer @SpringBootApplication public class AuthorizationServer05Application { public static void main(String[] args) { SpringApplication.run(AuthorizationServer05Application.class, args); } } 1.3 application.yml 屬性文件
security.oauth2.client.client-id = client01
security.oauth2.client.client-secret = 123456
spring.security.user.name=user1
spring.security.user.password=123456
4 運行應用
通過client_credentials獲取token 的url http://localhost:8080/oauth/token?grant_type=client_credentials&scope=all 
通過password獲取token 的url http://localhost:8080/oauth/token?grant_type=password&scope=all 
本文使用 mdnice 排版