OAuth 2.0 Resource Server

Spring Security supports protecting endpoints by using two forms of OAuth 2.0 Bearer Tokens:

  • JWT

  • Opaque Tokens

This is handy in circumstances where an application has delegated its authority management to an authorization server (for example, Okta or Ping Identity). Resource servers can consult this authorization server to authorize requests.

A complete working example for JWT is available in the Spring Security repository.