authenticationScheme = query ,form 请求参数会直接拼接在url后面,如果https://my.oschina.net?Authorization=154RSCO8INYJhpbDgctp
authenticationScheme = header 参数会写入请求头 https://my.oschina.net header[Authorization=154RSCO8INYJhpbDgctp]
如果没有设置过UserInfoTokenServices.setRestTemplate(),系统会通过BaseOAuth2ProtectedResourceDetails 创建 OAuth2RestTemplate对象,默认就是AuthenticationScheme.header、AuthenticationScheme.header、OAuth2AccessToken.ACCESS_TOKEN;如果是自己设置的话就需要通yml文件修改,如下
oauth2: client: ..... tokenName: access_token authenticationScheme: header clientAuthenticationScheme: form
UserInfoTokenServices.java 源
OAuth2RestOperations restTemplate = this.restTemplate; if (restTemplate == null) { BaseOAuth2ProtectedResourceDetails resource = new BaseOAuth2ProtectedResourceDetails(); resource.setClientId(this.clientId); restTemplate = new OAuth2RestTemplate(resource); }
BaseOAuth2ProtectedResourceDetails .java 源
private AuthenticationScheme clientAuthenticationScheme = AuthenticationScheme.header;
private AuthenticationScheme authorizationScheme = AuthenticationScheme.header;
private String tokenName = OAuth2AccessToken.ACCESS_TOKEN;