| 
								 | 
							
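								// Test the OAuth 2.0 authorization flow (authorization code grant, then refresh).
								// Every URL below is plain http on localhost, so codes, the client secret and tokens travel unencrypted; keep this file to local testing.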
							 | 
						|||
| 
								 | 
							
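								// 1. Create an OAuth client
								// NOTE(review): this request sends no Authorization header. Confirm whether client registration is meant to be open; if it is restricted, a 401/403 is the expected result here.
								// NOTE(review): the later steps hard-code client_id=test_client. Presumably the response to this request returns the issued client_id and client_secret; use those values if they differ.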
							 | 
						|||
| 
								 | 
							
								POST http://localhost:5001/api/v1/oauth/clients
							 | 
						|||
| 
								 | 
							
								Content-Type: application/json
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
								{
							 | 
						|||
| 
								 | 
							
								  "clientName": "TestClient",
							 | 
						|||
| 
								 | 
							
								  "redirectUris": ["http://localhost:3000/callback"],
							 | 
						|||
| 
								 | 
							
								  "scopes": ["read", "write"]
							 | 
						|||
| 
								 | 
							
								}
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
								###
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
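								// 2. Obtain an authorization code (open the following URL in a browser)
								// state=xyz is a fixed sample value. A real client generates an unpredictable state per request and checks it on the callback.
								// The URL carries no code_challenge (PKCE) parameter, and redirect_uri is not URL-encoded.
								// Negative check: a redirect_uri that was not registered in step 1 should be rejected by the server.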
							 | 
						|||
| 
								 | 
							
								// http://localhost:5001/api/v1/oauth/authorize?response_type=code&client_id=test_client&redirect_uri=http://localhost:3000/callback&scope=read&state=xyz
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
								###
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
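								// 3. Exchange the authorization code for an access token
								// redirect_uri must match the value sent in step 2. An authorization code is single-use, so sending this request a second time with the same code should be rejected.
								// Keep YOUR_CLIENT_SECRET as a placeholder in the committed file; supply the real secret from a local, untracked environment file.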
							 | 
						|||
| 
								 | 
							
								POST http://localhost:5001/api/v1/oauth/token
							 | 
						|||
| 
								 | 
							
								Content-Type: application/x-www-form-urlencoded
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
								grant_type=authorization_code&code=YOUR_AUTHORIZATION_CODE&redirect_uri=http://localhost:3000/callback&client_id=test_client&client_secret=YOUR_CLIENT_SECRET
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
								###
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
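								// 4. Call a protected API with the access token
								// Negative checks: the same request with no Authorization header, or with an expired or altered token, should return 401.
								// NOTE(review): step 2 requests only scope=read. Confirm which scope this endpoint requires and that a token without it is refused.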
							 | 
						|||
| 
								 | 
							
								GET http://localhost:5001/api/v1/mails
							 | 
						|||
| 
								 | 
							
								Authorization: Bearer YOUR_ACCESS_TOKEN
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
								###
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
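								// 5. Refresh the access token
								// NOTE(review): if the server rotates refresh tokens, re-sending this request with the old refresh token should fail. Confirm against the server's behaviour.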
							 | 
						|||
| 
								 | 
							
								POST http://localhost:5001/api/v1/oauth/token
							 | 
						|||
| 
								 | 
							
								Content-Type: application/x-www-form-urlencoded
							 | 
						|||
| 
								 | 
							
								
							 | 
						|||
| 
								 | 
							
								grant_type=refresh_token&refresh_token=YOUR_REFRESH_TOKEN&client_id=test_client&client_secret=YOUR_CLIENT_SECRET
							 |