oauth2如何refreshToken?
post请求,跟请求token一样的url地址:http://localhost:9098/oauth/token
post需要的参数:
- grant_type :refresh_token”
- client_id:分配的客户端id
- client_secret:分配的客户端密码
- refresh_token:值为上一次请求返回值中"refresh_token
实例如下所示
oauth2配置文件需要设置支持refreshToken
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
// 将token存数据库
endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager)
.userDetailsService(userServiceDetail);
// 配置tokenServices参数
DefaultTokenServices tokenServices = new DefaultTokenServices();
tokenServices.setTokenStore(endpoints.getTokenStore());
tokenServices.setSupportRefreshToken(true);//允许支持刷新token
tokenServices.setClientDetailsService(endpoints.getClientDetailsService());
tokenServices.setTokenEnhancer(endpoints.getTokenEnhancer());
tokenServices.setAccessTokenValiditySeconds(60); // accessToken有效时间:60秒
tokenServices.setRefreshTokenValiditySeconds(60*60*24*30);//refreshToken有效时间:30天
tokenServices.setReuseRefreshToken(true);
endpoints.tokenServices(tokenServices);
}
参考文章:https://blog.csdn.net/cover_by_ht/article/details/102838581