知识点
- 资源权限控制
- 自定义权限数据获取类 CustomFilterInvocationSecurityMetadataSource
- 自定义权限控制管理器 CustomAccessDecisionManager
- 自定义权限控制处理逻辑的应用 CustomFilterSecurityInterceptor
- TokenEnhancer拓展token
- 销毁token, consumerTokenServices.revokeToken(accessToken)
例子
curl -X POST 'http://localhost:8080/stream-line/oauth/token?password=123123&grant_type=password&scope=select&username=admin&client_id=client&client_secret=secret' \
--header 'Authorization: Basic Y2xpZW50OnNlY3JldA=='
{
"access_token": "e2258bf0-b03f-44ae-9cc0-e8833eb28f0f",
"refresh_token": "7ec28626-2137-4d9e-8219-c7cd61c1dcd5",
"scope": "select",
"token_type": "bearer",
"expires_in": 43143
}
curl -X POST 'http://localhost:8080/stream-line/oauth/token?grant_type=refresh_token&refresh_token=7ec28626-2137-4d9e-8219-c7cd61c1dcd5' \
--header 'Authorization: Basic Y2xpZW50OnNlY3JldA=='
{
"access_token": "9f6ba996-2ef8-4099-ba09-0cec5c216f7e",
"token_type": "bearer",
"refresh_token": "7ec28626-2137-4d9e-8219-c7cd61c1dcd5",
"expires_in": 43199,
"scope": "select"
}
curl -X GET 'http://localhost:8080/stream-line/auth/logout?access_token=4cc5518f-28dd-4058-8ae7-b87b3cc05894'
{
"success": true,
"code": 200,
"message": "请求成功",
"data": null
}