need help getting oauth2 working

polaris · · 432 次点击    
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
<p>I am having a few issues understanding the flow of oauth2. read various posts about it and trying to incorporate it into my beego rest api. what i want to know is. (1) how to initially start the process. (2) what needs to be sent from the client side. (my seperate website, app) (3) how these variables are stored on the client side (in special file? encrypted?). (4) can I just make up a key for the client to communicate initially with the API? (dont want to use google because Iam learning) (5) how to send these variables in a POST from the client to the API. (for example, a post with json body OR as header variables) .</p> <p>I know i need to use TLS/SSL but ill worry about that after i get a prototype/ test version of OAUTH2.0 working with postman.</p> <p>been reading this article. very well written. <a href="http://www.bubblecode.net/en/2016/01/22/understanding-oauth2/" rel="nofollow">http://www.bubblecode.net/en/2016/01/22/understanding-oauth2/</a></p> <p>but. under the initial &#34;client registration&#34; section. I describes params that must be passed from the client.</p> <p>&#34;Client registration</p> <p>Application Name: the application name Redirect URLs: URLs of the client for receiving authorization code and access token Grant Type(s): authorization types that will be used by the client Javascript Origin (optional): the hostname that will be allowed to request the resource server via XMLHttpRequest&#34;</p> <p>this doesnt include a password or anything? </p> <p>and the API returns </p> <p>&#34;Client Id: unique random string Client Secret: secret key that must be kept confidential&#34;</p> <p>according to the doc? so essentially anyone can receive the client id and Client secret back? I am really not following the spec at all. even the initial messages in registering the client. If anyone could give me a slightly better description id really appreciate it.</p>

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

432 次点击  
加入收藏 微博
0 回复
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传