• OAuth2.0

    1、创建服务

    curl -X POST http://127.0.0.1:8001/consumers/user123/oauth2     --data "url -i -X POST   --url http://localhost:8001/services/   --data 'name=oauth2-service'   --data 'url=https://testoauth.com/'

    2、启用插件

    curl -X POST http://127.0.0.1:8001/services/oauth2-service/plugins     --data "name=oauth2"      --data "config.scopes=email"     --data "config.scopes=phone"     --data "config.scopes=address"     --data "config.mandatory_scope=true"     --data "config.enable_authorization_code=true"

    3、创建消费者

    curl -X POST http://kong:8001/consumers/     --data "username=user123"     --data "custom_id=cid0001"

    4、创建与消费者相关的应用(凭证)

    curl -X POST http://127.0.0.1:8001/consumers/user123/oauth2     --data "name=Test%20Application"  --data "redirect_uris=https://testoauth.com/senduser/"

    curl -X POST http://kong:8001/consumers/{consumer_id}/oauth2 
    --data "name=Test%20Application" 
    --data "client_id=SOME-CLIENT-ID" 
    --data "client_secret=SOME-CLIENT-SECRET" 
    --data "redirect_uris=http://some-domain/endpoint/"
    {"redirect_uris":["http://testoauth.com/senduser/"],
    "created_at":1586094393,
    "consumer":{"id":"ec2b6ea9-f659-45bd-be02-dfa5d835bf76"},
    "id":"72372d2d-b1d2-4b18-9cf4-0796200324e5","tags":null,"name":"Test Application",
    "client_secret":"kEwYElw4gDubo1dijrZXFOQVxBEOQASG","client_id":"KxSE4ksuc90TcWtnNZf5vmC6cMWpCPP7"}

    5、访问token

    curl -X POST http://127.0.0.1:8001/oauth2_tokens 
    --data 'credential.id=72372d2d-b1d2-4b18-9cf4-0796200324e5' 
    --data "token_type=bearer" 
    //--data "access_token=SOME-TOKEN" 
    //--data "refresh_token=SOME-TOKEN" 
    --data "expires_in=3600"

     defaultdescription
    credential   Contains the ID of the OAuth 2.0 application created on Kong.
    token_type
    optional    		 bearer The token type.
    access_token
    optional    		   You can optionally set your own access token value, otherwise a random string will be generated.
    refresh_token
    optional    		   You can optionally set your own unique refresh token value, otherwise a random string will be generated.
    expires_in   The expiration time (in seconds) of the access token.
    scope
    optional    		   The authorized scope associated with the token.
    authenticated_userid
    optional    		   The custom ID of the user who authorized the application 
     
    {"created_at":1586095745,
    "id":"a8d74ea6-5303-462f-be22-827b6222f2a3",
    "scope":null,
    "authenticated_userid":null,
    "refresh_token":null,"expires_in":3600,
    "access_token":"wCX5cZOMl8W5exF5FN9BJnXlOTGOvR6W",
    "token_type":"bearer",
    "credential":{"id":"72372d2d-b1d2-4b18-9cf4-0796200324e5"},
    "ttl":null,
    "service":null}

    6、查看访问tokens
    curl -sX GET http://127.0.0.1:8001/oauth2_tokens/
     

    T
  • 相关阅读:
    90后是怎么了
    从GNOME切换到KDE了
    Ubuntu 12.04中安装Evolus Pencil原型图绘制软件
    wine qq 2012 for linux
    发现来博客园比去csdn早
    [转]代理(Proxy)和委派(Delegate)的区别
    Debian Stable分支对于开发者的意义[续软件系统。。。]
    xj3d svn org.web3d目录结构分析
    不自觉的就陷入OS发行版选择的泥潭
    DNN Test
  • 原文地址:https://www.cnblogs.com/justart/p/12639465.html
Copyright © 2020-2023  润新知