代码改进于《深入实践spring boot》
懒得写了,自己克隆下来看吧
spring-cloud-security: http://git.oschina.net/dream-maker/spring-cloud-security
spring-cloud-sso: https://git.oschina.net/dream-maker/spring-cloud-sso
待续。。。
1. 登录
curl -d 'username=user&password=user' 'http://localhost:8081/api/user/login' -v // cookie: SESSIONID= 1CC31554A5E3C65C234D888DC2494378
2. 请求授权code
curl "http://localhost:8081/oauth/authorize?client_id=ssoclient&redirect_uri=http://localhost:8082/&response_type=code&scope=openid&state=b9dtIn" -v -H "Cookie:SESSIONID= 668192EDDF148E7BEB61EAD295FA34DB"
成功
302 http://localhost:8082/?code=fRnFmg&state=b9dtIn
302 http://localhost:8082/?error=invalid_scope&error_description=Invalid%20scope:%20re1d&state=b9dtIn&scope=read%20write
302
失败
{"timestamp":1478488419784,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/oauth/authorize"}
3. 请求access_token
curl -d "redirect_uri=http://localhost:8082/&grant_type=authorization_code&code=q0F801" "ssoclient:ssosecret@localhost:8081/oauth/token" -v
成功
{"access_token":"53507876-d334-45ce-a55a-cf137e907a78","token_type":"bearer","expires_in":3478,"scope":"read write"}
失败
{"error":"invalid_grant","error_description":"Invalid authorization code: qjU6H8"}
4. 访问资源
curl -H 'Authorization: Bearer 53507876-d334-45ce-a55a-cf137e907a78' http://localhost:8081/
失败结果
{"error":"invalid_token","error_description":"Invalid access token: 53507876-d334-45ce-a55a-cf137e907a7”}
{"error":"invalid_token","error_description":"Access token expired: 90f18922-3e34-4757-99d8-fa73efea25c4”}
Image.png
Image.png
Image.png
Image.png
网友评论