oauth2-server example
# install dependencies
$ yarn # or npm i
Client: http://localhost:4000 Server: http://localhost:3000
Visit client
{
id: objectId().str,
slug: 'admin',
username: 'admin',
password: 'wanglei',
nickname: 'Administrator',
email: 'admin@zce.me',
mobile: '13266668888',
status: 'activated',
scope: ''
}
{
id: objectId().str,
scope: 'posts:update',
default: false
}
{
id: objectId().str,
name: 'OAuth2 Client',
website_url: 'https://github.com/zce/oauth2-example',
privacy_url: 'https://github.com/zce/oauth2-example',
key: 'oauth2-client', // client_id
secret: 'f657d916-0ad9-4b65-9976-3fe796bbdea0', // client_secret
redirects: ['http://localhost:4000/login/callback'], // redirect_uris
grants: ['authorization_code', 'password', 'refresh_token', 'client_credentials'],
scope: 'all',
user_id: 1
}
{
id: objectId().str,
token: 'faee0258-b0a2-4d38-b12b-e0a9932a6b94', // access_token
expires: new Date('2019-05-30 00:00'), // expires_at
scope: 'posts:read',
user_id: 1,
client_id: 1
}
{
id: objectId().str,
token: 'cba19635-3bb4-47b1-87f6-8d0ff26b43f2', // refresh_token
expires: new Date('2019-05-30 00:00'), // expires_at
scope: 'posts:read',
user_id: 1,
client_id: 1
}
{
id: objectId().str,
code: '4023348b5bc4', // authorization_code
expires: new Date('2019-05-30 00:00'), // expires_at
redirect: 'http://localhost:4000/login/callback', // redirect_uri
scope: 'posts:read',
user_id: 1,
client_id: 1
}
应用站点:FooApp 授权站点:AuthApp
-
用户在 FooApp 上点击 AuthApp 授权登录链接,例如: http://localhost:3000/oauth/authorize?client_id=oauth2-example-client&redirect_uri=http://localhost:4000/login/callback&response_type=code&scope=posts:read
-
用户进入 AuthApp 页面进行授权,如果当前用户还没有在 AuthApp 登录,则需要先跳转到 AuthApp 登录 http://localhost:3000/account/login?redirect=%2Foauth%2Fauthorize%3Fclient_id%3Doauth2-example-client%26redirect_uri%3Dhttp%3A%2F%2Flocalhost%3A4000%2Flogin%2Fcallback%26response_type%3Dcode%26scope%3Dposts%3Aread