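OAuth2 Authentication

Authentication follows the standard OAuth2 protocol (RFC 6749, RFC 6750). Subsequent requests must carry the access token obtained after authentication.

Obtaining a token

First obtain an access token; all subsequent requests require it.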

POST {baseUrl}/oauth/token

Header:

{
    "Content-Type": "application/x-www-form-urlencoded; charset=utf-8"
}

Form URL-Encoded:

{
    "grant_type": "client_credentials",
    "client_id": "你的clientID",
    "client_secret": "你的ClientSecret"
}

Response:

{
    "access_token": "33549e255dd78d62021f1e845e39cad2d038ec7e",
    "token_type": "Bearer",
    "expires_in": 3599,
    "scope": "*"
}

Curl:

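## Obtain a token
# Obtain a token for use in subsequent requests.
# CLIENT_ID and CLIENT_SECRET hold your client ID and client secret.
curl -X "POST" "{baseUrl}/oauth/token" \
     -H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' \
     --data-urlencode "grant_type=client_credentials" \
     --data-urlencode "client_id=${CLIENT_ID}" \
     --data-urlencode "client_secret=${CLIENT_SECRET}"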

Error handling

Status code: 400 Bad Request

Response:
invalid_client: Invalid client: cannot retrieve client credentials
Description:
The client id or client secret is incorrect, or the clientId/ClientSecret has been disabled.
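
The token request and error case described above, as an added example (not code from this API's own documentation): a small client that posts the form body, caches the token until shortly before expires_in runs out, and raises on the 400 invalid_client response without echoing the secret. The names TokenClient, TokenError and http_post, the https-only check and the 60-second refresh margin are assumptions made for this example.

```python
import json
import time
import urllib.error
import urllib.parse
import urllib.request


class TokenError(Exception):
    """Raised when the token endpoint rejects the request (e.g. 400 invalid_client)."""


def http_post(url, headers, body):
    """Default transport: returns (status, text) and does not raise on 4xx/5xx."""
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read().decode("utf-8")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


class TokenClient:
    # Assumptions (not from the page): https-only base URL, injectable post/clock.
    _HEADERS = {"Content-Type": "application/x-www-form-urlencoded; charset=utf-8"}

    def __init__(self, base_url, client_id, client_secret, post=http_post, clock=time.monotonic):
        if not base_url.startswith("https://"):
            raise ValueError("token endpoint must use https")  # secret travels in the body
        self._url = base_url.rstrip("/") + "/oauth/token"
        self._form = {"grant_type": "client_credentials",
                      "client_id": client_id, "client_secret": client_secret}
        self._post, self._clock = post, clock
        self._token, self._expires_at = None, 0.0

    def access_token(self, skew=60):
        """Return a cached token, requesting a new one `skew` seconds before expiry."""
        if self._token is None or self._clock() >= self._expires_at - skew:
            body = urllib.parse.urlencode(self._form).encode("utf-8")
            status, text = self._post(self._url, self._HEADERS, body)
            if status != 200:
                # Report the server's error text only; never echo the client secret.
                raise TokenError(f"{status}: {text.strip()}")
            data = json.loads(text)
            self._token = data["access_token"]
            self._expires_at = self._clock() + int(data["expires_in"])
        return self._token

    def auth_header(self):
        """Header for subsequent API requests (RFC 6750 Bearer scheme)."""
        return {"Authorization": "Bearer " + self.access_token()}
```

Load the client id and secret from the environment or a secret store rather than hard-coding them, and pass auth_header() with every later request.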
