Author 2020-09-17
PDF
OAuth 2.01OAuth2ContentsOAuth 2.0 ........................................................................................ 1 ............................................................................................... 2 .................................................................................................... 7使OAuth 2.0OAuth访访 2访访使访OAuth 访访Authorization Code Grantcodehttps://authorization-server.com/authorize? response_type=code 3 &client_id=egHuu4oJxgOLeBzPAQ9sXg4i &redirect_uri=https://www.oauth.com/playground/authorization-code.html &scope=photo+offline_access &state=hCi3i1u67XgxqbO-使https://www.oauth.com/playground/authorization-code.html? state=hCi3i1u67XgxqbO- &code=7RfqR_w09Ak75fZRlFCVL1ZtKUM3RR67Wd18I9tNZQwSANx9state使POST https://authorization-server.com/tokengrant_type=authorization_code&client_id=egHuu4oJxgOLeBzPAQ9sXg4i&client_secret=p4NlH7i7o2JQJ9xpGdhG95eXWgX1I8teWYZo8pH5-vILSZXv&redirect_uri=https://www.oauth.com/playground/authorization-code.html&code=7RfqR_w09Ak75fZRlFCVL1ZtKUM3RR67Wd18I9tNZQwSANx9authorization_code{ "token_type": "Bearer", "expires_in": 86400, "access_token": "Y80stMYZlsL6p6YSwwR16UiUueaV_BtuGVVtbmAj-b2Y_5u-yKtGqq2gWL2NY6ftKNMo6hin", "scope": "photo offline_access", "refresh_token": "eA-3mBXx8G9MLDzoKbJZNyV6"} 4Authorization Code Grant with PKCE使code verifier = sz3-THfasVfv882QlbHeLsmBOdkEvgQXAYlce7MTeqzHG7Dkcode challenge = base64url(sha256(code_verifier)) = pVx7RqTYem8RYTImvRC1M4EsoaOkeqYB6I4l5tnrPWghttps://authorization-server.com/authorize? response_type=code &client_id=egHuu4oJxgOLeBzPAQ9sXg4i &redirect_uri=https://www.oauth.com/playground/authorization-code-with-pkce.html &scope=photo+offline_access &state=G_SbnGGJEopEPN9A &code_challenge=pVx7RqTYem8RYTImvRC1M4EsoaOkeqYB6I4l5tnrPWg &code_challenge_method=S256?state=G_SbnGGJEopEPN9A&code=dS6-4QKtIsX6fNBPzxo4DffXTtgufG_MLbZntG6kQwoEKXUP 5POST https://authorization-server.com/tokengrant_type=authorization_code&client_id=egHuu4oJxgOLeBzPAQ9sXg4i&client_secret=p4NlH7i7o2JQJ9xpGdhG95eXWgX1I8teWYZo8pH5-vILSZXv&redirect_uri=https://www.oauth.com/playground/authorization-code-with-pkce.html&code=dS6-4QKtIsX6fNBPzxo4DffXTtgufG_MLbZntG6kQwoEKXUP&code_verifier=sz3-THfasVfv882QlbHeLsmBOdkEvgQXAYlce7MTeqzHG7Dk使Legacy: Implicit Granthttps://authorization-server.com/authorize? response_type=token &client_id=egHuu4oJxgOLeBzPAQ9sXg4i &redirect_uri=https://www.oauth.com/playground/implicit.html &scope=photo &state=wjtEAa38CxUJbhKE#access_token=cXoSzbih9UYXAZEQlN7gag4sWhvpP9J941OHOhrbXzGqlA_mzC-os3u3X4_g25I1x5epxRM_ &token_type=Bearer &expires_in=86400 &scope=photos &state=wjtEAa38CxUJbhKE使 6Legacy: Resource Owner Password Credentials Password Grant使Client Credentials访client_credentialsPOST /token HTTP/1.1 Host: server.example.com Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW Content-Type: application/x-www-form-urlencoded grant_type=client_credentials{ "access_token":"2YotnFZFEjr1zCsicMWpAA", "token_type":"example", "expires_in":3600, "example_parameter":"example_value"}refresh tokenRefresh Tokenrefresh_token 7POST /token HTTP/1.1 Host: server.example.com Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW Content-Type: application/x-www-form-urlencoded grant_type=refresh_token&refresh_token=tGzv3JOkF0XG5Qx2TlKWIADevice Code使POST https://example.okta.com/deviceclient_id=https://www.oauth.com/playground/{ "device_code": "NGU5OWFiNjQ5YmQwNGY3YTdmZTEyNzQ3YzQ1YSA", "user_code": "BDWD-HQPK", "verification_uri": "https://example.okta.com/device", "interval": 5, "expires_in": 1800}POST https://example.okta.com/tokengrant_type=urn:ietf:params:oauth:grant-type:device_code&client_id=https://www.oauth.com/playground/&device_code=NGU5OWFiNjQ5YmQwNGY3YTdmZTEyNzQ3YzQ1YSA{ "token_type": "Bearer", "access_token": "RsT5OjbzRn430zqMLgV3Ia", "expires_in": 3600, "refresh_token": "b7a3fac6b10e13bb3a276c2aab35e97298a060e0ede5b43ed1f720a8"}access_token 8POST /introspect HTTP/1.1Host: server.example.comAccept: application/jsonContent-Type: application/x-www-form-urlencodedAuthorization: Bearer 23410913-abewfq.123483token=2YotnFZFEjr1zCsicMWpAA{ "active": true, "client_id": "l238j323ds-23ij4", "username": "jdoe", "scope": "read write dolphin", "sub": "Z5O3upPC88QrAjx00dis", "aud": "https://protected.example.net/resource", "iss": "https://server.example.com/", "exp": 1419356238, "iat": 1419350238, "extension_field": "twenty-seven"}

HTML view coming soon.

Download PDF for the full formatted version.