v.0.2.0-beta
OAuth is now working properly
README.md 97
@ -192,10 +192,105 @@ npm run dev:frontend


### 4. Testing the OAuth flow

#### Method one: use the frontend UI

1. Register/log in a user
2. Create an OAuth client in the user center
3. Visit the authorization page: `http://localhost:3001/oauth/authorize?client_id=YOUR_CLIENT_ID&redirect_uri=http://localhost:3001/callback&scope=read%20write&state=test123`
4. Complete the authorization flow
4. Review the application information and the requested permissions on the authorization page
5. Choose "Approve" or "Deny"
6. The system redirects to the third-party application with an authorization code or error information

#### Method two: use the third-party application example

1. Start the backend and frontend services
2. Create an OAuth client in the user center
3. Open the third-party application example: `http://localhost:3001/third-party-app.html`
4. Fill in the client ID and secret
5. Click the "Start OAuth authorization" button
6. Complete the authorization flow and inspect the API response

#### Method three: use the test script

```bash
# Run the full OAuth flow test
npm run test:oauth-flow
```

### 5. OAuth 2.0 authorization flow in detail

#### The complete Authorization Code Flow

**Step 1: Fetch authorization information**

```
GET /api/oauth/authorize?response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=http://localhost:3001/callback&scope=read%20write&state=test123
```

**Example response:**

```json
{
  "success": true,
  "message": "授权信息获取成功",
  "data": {
    "client": {
      "id": "YOUR_CLIENT_ID",
      "name": "应用名称",
      "description": "应用描述"
    },
    "scopes": ["read", "write"],
    "state": "test123",
    "redirect_uri": "http://localhost:3001/callback"
  }
}
```

**Step 2: User approves or denies authorization**

On the frontend authorization page the user chooses to approve or deny:

**Approve:**

```
POST /api/oauth/authorize/consent
Content-Type: application/json
Authorization: Bearer USER_JWT_TOKEN

{
  "client_id": "YOUR_CLIENT_ID",
  "redirect_uri": "http://localhost:3001/callback",
  "scope": "read write",
  "state": "test123",
  "approved": true
}
```

**Deny:**

```
POST /api/oauth/authorize/consent
Content-Type: application/json
Authorization: Bearer USER_JWT_TOKEN

{
  "client_id": "YOUR_CLIENT_ID",
  "redirect_uri": "http://localhost:3001/callback",
  "scope": "read write",
  "state": "test123",
  "approved": false
}
```

**Step 3: Receive the authorization code or an error**

- **Approved**: redirect to `redirect_uri` with an authorization code

```
http://localhost:3001/callback?code=AUTH_CODE&state=test123
```

- **Denied**: redirect to `redirect_uri` with error information

```
http://localhost:3001/callback?error=access_denied&error_description=用户拒绝授权&state=test123
```

**Step 4: Exchange the authorization code for an access token**

```
POST /api/oauth/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&code=AUTH_CODE&redirect_uri=http://localhost:3001/callback
```

## Frontend tech stack

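Review bot: Step 4 (步骤 4) documents a token exchange that requires `client_secret`, yet Method two (方法二) step 4 has the tester paste that secret into a browser page (`third-party-app.html`); the README should say this is a local test convenience only and that a browser-side or native client must not hold the secret, noting PKCE as the alternative for such clients. The same section reuses the fixed value `state=test123` in every request and callback; add one sentence that a real client generates an unpredictable `state` per authorization request and rejects a callback whose `state` does not match, and that the server rejects a `redirect_uri` in the consent and token requests that differs from the registered one. Minor: the list under Method one (方法一) has two items numbered 4, and "Complete the authorization flow" (完成授权流程) duplicates items 4 to 6; drop it and renumber.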