客户端模式认证
2019-01-04 10:26:49 0 举报springSecurity Oauth2模块的客户端模式授权时序图
作者其他创作
大纲/内容
ProviderManager
true
AbstractAuthenticationProcessingFilter
ClientCredentialsTokenEndpointFilter
4.attemptAuthentication
SecurityContextPersistenceFilter
OAuth2AccessToken
9.loadClientByClientId
7.authenticate
TokenRequest
失败
DaoAuthenticationProvider
Authentication
10.additionalAuthenticationChecks
12.successfulAuthentication
1.初始化安全上下文
授权请求
[无异常][有异常]
Alt
14.过滤成功后会调用其他未执行的Filter,这里省略,直接进入认证点
服务器保存的scope和请求中的比对
11.createSuccessAuthentication
1.认证成功,设置安全上下文2.调用记住我逻辑3.发送一个登陆成功事件4.执行成功处理
createAccessToken(OAuth2Authentication authentication)
设置认证信息
2.doFilter
5.authenticate
清空上下文
ClientDetailsUserDetailsService
1.认证失败,清空上下文2.异常放入session3.调用记住我逻辑4.执行成失败
6.supports
DefaultTokenServices
TokenEndpoint
loadClientByClientId
createTokenRequest
13.successfulAuthentication
DefaultOAuth2RequestFactory
validateScope
grant()
ClientDetailsService
loadClientByClientId()
/oauth/token
ClientDetails
validateGrantType()
SecurityContextHolder
3.matches
AbstractUserDetailsAuthenticationProvider
DefaultOAuth2RequestValidator
unsuccessfulAuthentication
8.retrieveUser
AbstractTokenGranter
request
getAccessToken
TokenStore
0 条评论
下一页
