{
id: objectId().str,
slug: 'admin',
username: 'admin',
password: 'wanglei',
nickname: 'Administrator',
email: 'admin@zce.me',
mobile: '13266668888',
status: 'activated',
scope: ''
}{
id: objectId().str,
scope: 'posts:update',
default: false
}{
id: objectId().str,
name: 'OAuth2 Client',
website_url: 'https://github.com/zce/oauth2-example',
privacy_url: 'https://github.com/zce/oauth2-example',
key: 'oauth2-client', // client_id
secret: 'f657d916-0ad9-4b65-9976-3fe796bbdea0', // client_secret
redirects: ['http://localhost:4000/login/callback'], // redirect_uris
grants: ['authorization_code', 'password', 'refresh_token', 'client_credentials'],
scope: 'all',
user_id: 1
}{
id: objectId().str,
token: 'faee0258-b0a2-4d38-b12b-e0a9932a6b94', // access_token
expires: new Date('2019-05-30 00:00'), // expires_at
scope: 'posts:read',
user_id: 1,
client_id: 1,
}{
id: objectId().str,
token: 'cba19635-3bb4-47b1-87f6-8d0ff26b43f2', // refresh_token
expires: new Date('2019-05-30 00:00'), // expires_at
scope: 'posts:read',
user_id: 1,
client_id: 1,
}{
id: objectId().str,
code: '4023348b5bc4', // authorization_code
expires: new Date('2019-05-30 00:00'), // expires_at
redirect: 'http://localhost:4000/login/callback', // redirect_uri
scope: 'posts:read',
user_id: 1,
client_id: 1,
}应用站点:FooApp 授权站点:AuthApp
- 用户在 FooApp 上点击 AuthApp 授权登录链接,例如:
- 用户进入 AuthApp 页面进行授权,如果当前用户还没有在 AuthApp 登录,则需要先跳转到 AuthApp 登录
https://github.com/FrankHassanabad/Oauth2orizeRecipes
https://github.com/primo-malvado/calafrio https://github.com/at0g/oauth2-demo-server http://www.passportjs.org
https://blog.csdn.net/shinepan/article/details/78851886 https://github.com/YardStrong/express-oauth-demo
https://www.jianshu.com/p/7febbe553c83 https://github.com/RobottDog/DCOS-Auth
https://github.com/syntithenai/react-express-oauth-login-system
https://github.com/manjeshpv/node-oauth2-server-implementation
https://github.com/oauth-xx/oauth2
https://tools.ietf.org/html/rfc6749
https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/
https://github.com/greenspanx/node_oauth2_rest_api/blob/master/server.js
https://github.com/zhanghengxin/test-oauth2/blob/master/oauth-model/model.js
https://github.com/slavab89/oauth2-server-example-mongodb
请求授权 (Request Authorization)
GET /authorize
- client_id:
9c16d1d9d4235bb723c4 - redirect_uri:
https://learn.co/users/auth/github/callback - response_type:
code - state:
7947e14af4fd2607a8d47072a91fc5ffeea414aad803eb9f
认证服务器如果没有登陆调整到认证服务器的登陆页 (The authentication server does not log in to the login page of the authentication server.)
GET /login
- client_id:
9c16d1d9d4235bb723c4 - return_to:
/login/oauth/authorize?client_id=9c16d1d9d4235bb723c4&redirect_uri=https://learn.co/users/auth/github/callback&response_type=code&state=7947e14af4fd2607a8d47072a91fc5ffeea414aad803eb9f
用户在认证服务器登陆 (User login on the authentication server)
POST /session
- commit:
Sign in - utf8:
✓ - authenticity_token:
GoX03z/XHDderiumSP3pMKkK4cP38i5V+hMrRkMDuD0d1jRNB4n81NRedgStfV/s32RsJ54o0Gh39+xkPNx2QA== - login:
zce - password:
2016@github - webauthn-support:
supported
跳转到授权页面 (Jump to the authorization page)
GET /authorize
- client_id:
9c16d1d9d4235bb723c4 - redirect_uri:
https://learn.co/users/auth/github/callback - response_type:
code - state:
7947e14af4fd2607a8d47072a91fc5ffeea414aad803eb9f
点击授权 (Click authorization)
POST /authorize
- authorize:
1 - utf8:
✓ - authenticity_token:
GedCj5re39pooef5C8P2gLkAsie4wv4DBkouCqbFw7purEdo9+1EgGtI3k0ZSrUx01vd2ozVQe+Ho1nauoGqPA== - client_id:
9c16d1d9d4235bb723c4 - redirect_uri:
https://learn.co/users/auth/github/callback - state:
7947e14af4fd2607a8d47072a91fc5ffeea414aad803eb9f - scope:
- authorize:
1
调整到回调页面 (Adjust to the callback page)
GET /callback
- code:
7c91849181a5cc05d777 - state:
7947e14af4fd2607a8d47072a91fc5ffeea414aad803eb9f