An application making protected resource requests on behalf of the resource owner and with its authorization. The term "client" does not imply any particular implementation characteristics (e.g., whether the application executes on a server, a desktop, or other devices).
客户端是指:一个具备利用资源拥有者的授权信息请求受保护的资源的功能的app。“客户端”并不代表任何特定现实。(app可以是运行在服务器上的,桌面上的,或者其它设备)
authorization server
授权服务器
The server issuing access tokens to the client after successfully authenticating the resource owner and obtaining authorization.
授权服务器,验证资源拥有者身份,拥有者进行授权,前两步成功之后,颁发 access,tokens.
The interaction between the authorization server and resource server
is beyond the scope of this specification. The authorization server
may be the same server as the resource server or a separate entity.
A single authorization server may issue access tokens accepted by
multiple resource servers.