oauth2四种授权方式小结
https://www.pianshen.com/article/547680944/
http://www.ruanyifeng.com/blog/2019/04/oauth-grant-types.html
https://www.jianshu.com/p/c1c79197b724
密码模式(resource owner password credentials)(为遗留系统设计)(支持refresh token)
- 授权码模式(authorization code)(
正宗方式)(支持refresh token) - 简化模式(implicit)(
为web浏览器应用设计)(不支持refresh token) - 客户端模式(client credentials)(
为后台api服务消费者设计)(不支持refresh token)
- 简化模式(implicit)(
client为浏览器/前端应用) - 密码模式(resource owner password credentials)(
用户密码暴露给client端不安全) - 客户端模式(client credentials)(
主要用于api认证,跟用户无关)
WebSecurityConfigurerAdapter与ResourceServerConfigurerAdapter
https://www.jianshu.com/p/fe1194ca8ecd
初步理解Spring Security并实践
https://www.jianshu.com/p/e6655328b211
Spring Security Configuration - HttpSecurity vs WebSecurity
Spring Security : 安全构建器HttpSecurity和WebSecurity的区别
https://blog.csdn.net/andy_zhang2007/article/details/90051654
OAuth2Client客户端访问流程
https://blog.csdn.net/kaige8312/article/details/87186537
Spring Security认证成功后回跳(解决前后端分离下OAuth2认证成功回跳)
https://blog.csdn.net/gangsijay888/article/details/81171647
Springsecurity-oauth2之OAuth2AuthenticationProcessingFilter
https://blog.csdn.net/weixin_33895016/article/details/92315745
oauth2 JWT 2种加密
https://www.jianshu.com/p/6dd03375224d
微服务架构中整合网关、权限服务
Oauth2.0 实现SSO单点登陆
Spring Cloud OAuth2 认证流程
https://blog.csdn.net/isea533/article/details/78078101
使用fastjson序列化rest接口返回数据,swagger的oauth认证无效
https://www.jianshu.com/p/14ba72f6a09c
Springsecurity-oauth2之/oauth/token的处理
https://cloud.tencent.com/developer/article/1413449