oauth2.0如何传递访问令牌
[英]oauth2.0 how to pass access token
问题描述
I am working on integrating OAuth2 to a REST API and I would like to know how am I supposed to send the access_token parameter for the requests. 
我正在努力将OAuth2集成到REST API ,我想知道我应该如何为请求发送access_token参数。
Example: 例:
My server accepts two routes: 我的服务器接受两条路由:
POST /write POST /写
GET /read GET /阅读
For /write, am I supposed to put the access_token in the POST? 对于/ write,我应该把access_token放在POST中吗?
curl http://api.localhost/write -d 'access_token=[ACCESS_TOKEN]'
For /read, am I supposed to put it in the GET? 对于/读,我应该把它放在GET中吗?
curl http://api.localhost/read?access_token=[ACCESS_TOKEN]
Or in both cases, is it supposed to be sent through POST? 或者在这两种情况下,是否应该通过POST发送?
Thanks, 谢谢,
Gasim 卡西姆
1 个解决方案
解决方案1
45 已采纳
With OAuth, the token is generally passed in the request headers. 使用OAuth,令牌通常在请求标头中传递。 You may wish to try something similar to the following, for both POST or GET: 对于POST或GET,您可能希望尝试类似于以下内容:
POST: curl http://api.localhost/write -H 'Authorization: Bearer ACCESS_TOKEN' POST: curl http://api.localhost/write -H 'Authorization: Bearer ACCESS_TOKEN'
GET: curl http://api.localhost/read -H 'Authorization: Bearer ACCESS_TOKEN' GET: curl http://api.localhost/read -H 'Authorization: Bearer ACCESS_TOKEN'
The value part of the Authorization key/value pair can vary by REST service provider. 授权键/值对的值部分可能因REST服务提供商而异。 With Github , for instance, the header key/value pair looks like this: 例如,使用Github ,标头键/值对看起来像这样:
curl -H "Authorization: token your_token" https://api.github.com/repos/user/repo
You may need to consult the webservice provider docs for details. 您可能需要查阅Web服务提供商文档以获取详细信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.