(→Show the verification page) |
|||
(4 intermediate revisions by the same user not shown) | |||
第1行: | 第1行: | ||
+ | == 应用注册 == | ||
+ | 先到/res/clients.html注册应用。 | ||
+ | |||
+ | 利用BBS账户登录之后,点击Register new client,填写各项信息。 | ||
+ | * client_id: 应用标识 | ||
+ | * client_secret: 用于验证应用(RFC6749 $2.3.1) | ||
+ | * redirect uri: OAuth的重定向路径(RFC6749 $3.1.2) | ||
+ | * name: 应用名字 | ||
+ | * description: 应用说明 | ||
+ | * logo: 图标 | ||
+ | * website: 网站 | ||
+ | * type: 能保证应用自身安全性的选confidential,一般选public(RFC6749 $2.1) | ||
+ | * response type: (RFC6749 $3.1.1) | ||
+ | ** 希望用authentication code模式的选code(RFC6749 $4.1) | ||
+ | ** 希望用直接跳转给token模式的选token(RFC6749 $4.2) | ||
+ | * grant type: | ||
+ | ** 希望用authentication code模式的选authentication code(RFC6749 $4.1) | ||
+ | ** 希望用密码登录的选password(RFC6749 $4.3, 目前禁止) | ||
+ | ** 希望直接靠应用确认身份的选client credentials(RFC6749 $4.4, 目前禁止) | ||
+ | ** 希望获取和使用refresh token的选refresh token(RFC6749 $6) | ||
+ | |||
+ | 注册完成之后就可以作为这个应用登录了。也可以在此页面修改/删除应用信息。 | ||
+ | |||
== 登录 == | == 登录 == | ||
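Review bot: the response type and grant type bullets call the flow "authentication code", while RFC 6749 §4.1 and the grant_type value documented for /auth/token (authorization_code) both use "authorization code"; use one term throughout so readers do not look for a non-existent option. The section references written as "$2.3.1" should also read "§2.3.1", and since password and client credentials are marked as currently disabled, it would help to say what the registration form does if they are selected.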
第9行: | 第32行: | ||
| redirect_uri || string || Redirection URI || No || displaycode | | redirect_uri || string || Redirection URI || No || displaycode | ||
|- | |- | ||
− | | response_type || string || | + | | response_type || string || Preferred response type || No || code/token |
|- | |- | ||
− | | client_id || string || Client ID of the client application || No | + | | client_id || string || Client ID of the client application || No || |
+ | |- | ||
+ | | state || string || Client state string || Yes || | ||
|} | |} | ||
+ | |||
+ | * 如果选token模式,会直接在登录成功之后重定向到$redirect_uri?access_token=<string: token>&token_type=<string: token type>&expires_in=<int: time before token expires>[&state=<string: client state>] | ||
+ | * 如果选code模式,会跳转到$redirect_uri?code=<string: authorization code>[&state=<string: client state>],需要再进行下一步获取token。 | ||
+ | * state 用于传递客户端信息。服务器会把客户端传过来的 state 原样加到重定向的参数里去。 | ||
=== 获取Token === | === 获取Token === | ||
− | : '''GET''' /auth/token | + | : '''GET/POST''' /auth/token |
{| class="wikitable" | {| class="wikitable" | ||
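Review bot: the token-mode bullet documents the redirect as $redirect_uri?access_token=..., which places the access token in the query string, where it is recorded in server logs, browser history and Referer headers; RFC 6749 §4.2.2 returns it in the URI fragment instead, so the text should either use "#" or state that this deviation is intentional. The state bullet describes the parameter only as a pass-through; add that the client should send an unguessable per-request value and reject any redirect whose state does not match (RFC 6749 §10.12).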
第21行: | 第50行: | ||
! Parameter !! Type !! Description !! Optional !! Choices | ! Parameter !! Type !! Description !! Optional !! Choices | ||
|- | |- | ||
− | | | + | | redirect_uri || string || Redirection URI, should match with previous requests || No |
+ | |- | ||
+ | | grant_type || string || Type of object to exchange token with || No || authorization_code/refresh_token | ||
|- | |- | ||
− | | | + | | code || string || Authorization code, required for grant_type = authorization_code || Yes || |
|- | |- | ||
− | | | + | | refresh_token || string || Refresh token, required for grant_type = refresh_token || Yes || |
|- | |- | ||
− | | client_id || string || Client ID of the client application || No | + | | client_id || string || Client ID of the client application || No || |
|- | |- | ||
− | | client_secret || string || Client secret of the client application || No | + | | client_secret || string || Client secret of the client application || No || |
|} | |} | ||
* Return value | * Return value | ||
− | ** Success: {"access_token": <string: Token>, "token_type": <string: Token type>} | + | ** Success: {"access_token": <string: Token>, "token_type": <string: Token type>, ["refresh_token": <string: Refresh Token>,] "expires_in": <int: Seconds before expire> } |
** Failure: various HTTP error code | ** Failure: various HTTP error code | ||
+ | |||
+ | * refresh_token may be used to exchange for a new access_token and a new refresh_token, it will be disabled after the exchange | ||
+ | * refresh_token可换取新access_token和refresh_token,换取后原refresh_token失效 |
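Review bot: the client_secret row is marked as not optional, but the registration section recommends type public for most applications, and a public client cannot keep a secret; say what such a client should send. Because the endpoint is now documented as GET/POST, also note that client_secret, code and refresh_token should go in a POST body, since under GET they end up in the URL. The last two bullets state the same rule in English and Chinese; one of them is enough.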
Latest revision as of 03:45, 27 January 2013 (Sunday)
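Application registration
First register the application at /res/clients.html.
After logging in with your BBS account, click Register new client and fill in the fields.
- client_id: application identifier
- client_secret: used to authenticate the application (RFC 6749 §2.3.1)
- redirect uri: the OAuth redirection path (RFC 6749 §3.1.2)
- name: application name
- description: application description
- logo: icon
- website: website
- type: choose confidential if the application can guarantee its own security; in general choose public (RFC 6749 §2.1)
- response type: (RFC 6749 §3.1.1)
  - choose code to use the authentication code mode (RFC 6749 §4.1)
  - choose token to use the mode that redirects straight back with a token (RFC 6749 §4.2)
- grant type:
  - choose authentication code to use the authentication code mode (RFC 6749 §4.1)
  - choose password to log in with a password (RFC 6749 §4.3, currently disabled)
  - choose client credentials to have the application alone confirm its identity (RFC 6749 §4.4, currently disabled)
  - choose refresh token to obtain and use refresh tokens (RFC 6749 §6)
Once registration is complete, you can log in as this application. The application's details can also be edited or deleted on this page.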
Login
Show the verification page
- GET /auth/auth
Parameter | Type | Description | Optional | Choices |
---|---|---|---|---|
redirect_uri | string | Redirection URI | No | displaycode |
response_type | string | Preferred response type | No | code/token |
client_id | string | Client ID of the client application | No | |
state | string | Client state string | Yes | |
- If token mode is chosen, a successful login redirects directly to $redirect_uri?access_token=<string: token>&token_type=<string: token type>&expires_in=<int: time before token expires>[&state=<string: client state>]
- If code mode is chosen, the redirect goes to $redirect_uri?code=<string: authorization code>[&state=<string: client state>], and a further step is needed to obtain the token.
- state is used to carry client-side information. The server appends the state sent by the client, unchanged, to the redirect parameters.
Get Token
- GET/POST /auth/token
Parameter | Type | Description | Optional | Choices |
---|---|---|---|---|
redirect_uri | string | Redirection URI, should match with previous requests | No | |
grant_type | string | Type of object to exchange token with | No | authorization_code/refresh_token |
code | string | Authorization code, required for grant_type = authorization_code | Yes | |
refresh_token | string | Refresh token, required for grant_type = refresh_token | Yes | |
client_id | string | Client ID of the client application | No | |
client_secret | string | Client secret of the client application | No | |
- Return value
  - Success: {"access_token": <string: Token>, "token_type": <string: Token type>, ["refresh_token": <string: Refresh Token>,] "expires_in": <int: Seconds before expire> }
  - Failure: various HTTP error codes
- refresh_token can be exchanged for a new access_token and a new refresh_token; the original refresh_token is disabled after the exchange.
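The code-mode flow described above, seen from the client side, as an added example that is not part of the original page: it builds the /auth/auth URL with a random state, rejects a callback whose state does not match, prepares the /auth/token form for both grant types, and replaces the stored refresh_token after each exchange. The host name, client credentials and redirect URI are constructed placeholders.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

BASE = "https://bbs.example.invalid"             # placeholder host (assumption)
CLIENT_ID = "demo-client"                        # constructed sample value
CLIENT_SECRET = "demo-secret"                    # constructed sample value
REDIRECT_URI = "https://app.example.invalid/cb"  # constructed sample value

def new_state():
    """Unguessable per-request value; keep it in the user's session."""
    return secrets.token_urlsafe(16)

def build_auth_url(state):
    """Step 1: URL for GET /auth/auth with response_type=code."""
    query = {"redirect_uri": REDIRECT_URI, "response_type": "code",
             "client_id": CLIENT_ID, "state": state}
    return BASE + "/auth/auth?" + urlencode(query)

def parse_callback(callback_url, expected_state):
    """Step 2: take the code from the redirect, refusing a state mismatch."""
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    # The server echoes state unchanged, so any difference means this
    # redirect does not belong to a request this session started.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch, discarding callback")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]

def token_request(grant_type, credential):
    """Step 3: form fields for /auth/token, to be sent as a POST body."""
    field = {"authorization_code": "code",
             "refresh_token": "refresh_token"}[grant_type]
    return {"redirect_uri": REDIRECT_URI, "grant_type": grant_type,
            field: credential, "client_id": CLIENT_ID,
            "client_secret": CLIENT_SECRET}

def apply_token_response(store, response):
    """Store new tokens; the refresh_token just used is now disabled."""
    store["access_token"] = response["access_token"]
    store["refresh_token"] = response.get("refresh_token")  # may be absent
    store["expires_in"] = response["expires_in"]
    return store
```

Sending the form from `token_request` in a POST body keeps client_secret, code and refresh_token out of URLs and access logs.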