<p>I am having a few issues understanding the flow of oauth2. read various posts about it and trying to incorporate it into my beego rest api. what i want to know is.
(1) how to initially start the process.
(2) what needs to be sent from the client side. (my seperate website, app)
(3) how these variables are stored on the client side (in special file? encrypted?).
(4) can I just make up a key for the client to communicate initially with the API? (dont want to use google because Iam learning)
(5) how to send these variables in a POST from the client to the API. (for example, a post with json body OR as header variables) .</p>
<p>I know i need to use TLS/SSL but ill worry about that after i get a prototype/ test version of OAUTH2.0 working with postman.</p>
<p>been reading this article. very well written.
<a href="http://www.bubblecode.net/en/2016/01/22/understanding-oauth2/" rel="nofollow">http://www.bubblecode.net/en/2016/01/22/understanding-oauth2/</a></p>
<p>but. under the initial "client registration" section. I describes params that must be passed from the client.</p>
<p>"Client registration</p>
<p>Application Name: the application name
Redirect URLs: URLs of the client for receiving authorization code and access token
Grant Type(s): authorization types that will be used by the client
Javascript Origin (optional): the hostname that will be allowed to request the resource server via XMLHttpRequest"</p>
<p>this doesnt include a password or anything? </p>
<p>and the API returns </p>
<p>"Client Id: unique random string
Client Secret: secret key that must be kept confidential"</p>
<p>according to the doc? so essentially anyone can receive the client id and Client secret back?
I am really not following the spec at all. even the initial messages in registering the client. If anyone could give me a slightly better description id really appreciate it.</p>
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889
- 请尽量让自己的回复能够对别人有帮助
- 支持 Markdown 格式, **粗体**、~~删除线~~、
`单行代码`
- 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
- 图片支持拖拽、截图粘贴等方式上传