# authorization-server

**Repository Path**: arvin-up/authorization-server

## Basic Information

- **Project Name**: authorization-server
- **Description**: OpenID Connect 1.0 identity provider and OAuth2 authorization server
- **Primary Language**: Java
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2025-08-06
- **Last Updated**: 2025-09-22

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# Authorization server

OpenID Connect 1.0 identity provider and OAuth2 authorization server

## Obtaining a token with the authorization code grant

### Build the URL and send the authorization request

```
http://127.0.0.1:8080/oauth2/authorize?client_id=messaging-client&response_type=code&scope=message.read&redirect_uri=http%3A%2F%2F127.0.0.1%3A8080%2Flogin%2Foauth2%2Fcode%2Fmessaging-client-oidc
```

Parameters

- client_id: the client's ID
- response_type: always `code` for the authorization code grant
- scope: the scope being requested
- redirect_uri: the callback address

### Copy the code into Postman and send the request

http://localhost:8080/oauth2/token

Add Basic Auth (client ID and client secret)

Parameters

- grant_type: always `authorization_code` for the authorization code grant
- redirect_uri: must be identical to the redirect_uri sent with the authorization request in step 1. Matching is strict, so the client configuration cannot register just a domain
- code: the `code` parameter carried on the redirect to redirect_uri

```sh
curl --location --request POST 'http://localhost:8080/oauth2/token' \
--header 'User-Agent: Apifox/1.0.0 (https://apifox.com)' \
--header 'Authorization: Basic bWVzc2FnaW5nLWNsaWVudDpzZWNyZXQ=' \
--header 'Accept: */*' \
--header 'Host: localhost:8080' \
--header 'Connection: keep-alive' \
--header 'Content-Type: multipart/form-data; boundary=--------------------------764630184825276838434425' \
--form 'grant_type="authorization_code"' \
--form 'redirect_uri="http://127.0.0.1:8080/login/oauth2/code/messaging-client-oidc"' \
--form 'code="oTarfRdxFWUYSTatqmiLANMkfBFR4BDV4tifN_-hmSqnxElgFV3x4PzuXp_qoa2fHwRzHtMktGc8KIw4Bgtxue13bekYxz0boN17OxQx6Bzzds-qOynyP7pvqrAGXZen"'
```

### Refreshing the token

http://localhost:8080/oauth2/token

Add Basic Auth (client ID and client secret)

Parameters

1. grant_type: always `refresh_token` when refreshing a token
2. refresh_token: the `refresh_token` value from the response of the /oauth2/token endpoint

## Obtaining a token with a custom grant_type (SMS verification login)

### Get the SMS verification code

```sh
curl --location --request GET 'http://127.0.0.1:8080/getSmsCaptcha?phone=admin' \
--header 'User-Agent: Apifox/1.0.0 (https://apifox.com)' \
--header 'Accept: */*' \
--header 'Host: 127.0.0.1:8080' \
--header 'Connection: keep-alive' \
--header 'Cookie: JSESSIONID=D6BD389C1D425A366E89294D781C8354'
```

### Obtain a token with the verification code

```sh
curl --location --request POST 'http://127.0.0.1:8080/oauth2/token' \
--header 'User-Agent: Apifox/1.0.0 (https://apifox.com)' \
--header 'Authorization: Basic bWVzc2FnaW5nLWNsaWVudDpzZWNyZXQ=' \
--header 'Accept: */*' \
--header 'Host: 127.0.0.1:8080' \
--header 'Connection: keep-alive' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Cookie: JSESSIONID=F2967A947E1216DC39D43EB9F9C89032' \
--data-urlencode 'phone=admin' \
--data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:sms_code' \
--data-urlencode 'sms_captcha=1234' \
--data-urlencode 'scope=message.write' \
--data-urlencode 'loginType=smsCaptcha'
```
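
The authorization code steps from this README, scripted as an added example (not code from this repository): it builds the step-1 URL, accepts a callback only on the exact registered redirect_uri, and sends the token and refresh requests with `curl -u`. Assumptions: the function names are made up here, `secret` is the value the README's Basic header decodes to, and the token endpoint is assumed to accept form-encoded bodies for these grants as it does in the SMS request.

```shell
# Added example, not project code. Values are the ones used in the README's requests.
AS=http://127.0.0.1:8080
CLIENT_ID=messaging-client
CLIENT_SECRET=secret
REDIRECT_URI=http://127.0.0.1:8080/login/oauth2/code/messaging-client-oidc

# Percent-encode an ASCII string; RFC 3986 unreserved characters pass through.
urlencode() {
  s=$1; out=
  while [ -n "$s" ]; do
    c=${s%"${s#?}"}; s=${s#?}
    case $c in
      [A-Za-z0-9._~-]) out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
  done
  printf '%s' "$out"
}

# Step 1: the URL to open in the browser for the requested scope ($1).
authorize_url() {
  printf '%s/oauth2/authorize?client_id=%s&response_type=code&scope=%s&redirect_uri=%s' \
    "$AS" "$(urlencode "$CLIENT_ID")" "$(urlencode "$1")" "$(urlencode "$REDIRECT_URI")"
}

# Step 2: take the code from the callback URL ($1); only the exact registered
# redirect_uri is accepted. Assumes the code value needs no percent-decoding.
extract_code() {
  case $1 in
    "$REDIRECT_URI"\?*) ;;
    *) echo 'callback is not on the registered redirect_uri' >&2; return 1 ;;
  esac
  printf '%s\n' "${1#*\?}" | tr '&' '\n' | sed -n 's/^code=//p'
}

# The value sent after "Authorization: Basic " (client id and client secret).
basic_credentials() { printf '%s:%s' "$CLIENT_ID" "$CLIENT_SECRET" | base64; }

# These two need the server running: exchange a code ($1), refresh a token ($1).
exchange_code() {
  curl -sS -u "$CLIENT_ID:$CLIENT_SECRET" "$AS/oauth2/token" \
    --data-urlencode 'grant_type=authorization_code' \
    --data-urlencode "redirect_uri=$REDIRECT_URI" --data-urlencode "code=$1"
}
refresh() {
  curl -sS -u "$CLIENT_ID:$CLIENT_SECRET" "$AS/oauth2/token" \
    --data-urlencode 'grant_type=refresh_token' --data-urlencode "refresh_token=$1"
}

# Offline demo; the callback below is constructed and its code value is made up.
echo "open: $(authorize_url message.read)"
echo "code: $(extract_code "$REDIRECT_URI?code=CONSTRUCTED_CODE")"
```

With the server up, `exchange_code "$(extract_code '<callback URL from the browser>')"` performs the token request.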