如何使用AngularJs发送OAuth2的客户端ID和密码?

时间:2015-08-31 07:14:56

标签: angularjs curl oauth-2.0 spring-boot

我使用资源服务器和授权服务器的spring boot开发了OAuth2的Rest API。我可以使用cURL,POSTMAN Rest客户端成功获取令牌,并可以使用OAuth提供的令牌请求授予的服务。现在,我需要知道如何使用angularjs传递OAuth2 client_id,secret_id,并且我想知道以下curl请求中-vu的用法是什么,

    curl -X POST -vu clientapp:123456 http://localhost:8080/oauth/token -H "Accept: application/json" -d "password=spring&username=roy&grant_type=password&scope=read%20write&client_secret=123456&client_id=clientapp".

  Could anyone please help me to know about this and provide me the samples to work on with angularjs ?

TIA ...,

1 个答案:

答案 0 :(得分:1)

以下是jhipster的一个例子:https://github.com/jhipster/jhipster-sample-app-oauth2/blob/master/src/main/webapp/scripts/components/auth/provider/auth.oauth2.service.js

注意:我可能只是使用一个空白的客户端秘密(在angularjs和spring中),因为秘密在js中并不是真正的秘密。见https://stackoverflow.com/a/32062458/1098564及以下:



return {
   login: function(credentials) {
      var data = "username=" + credentials.username + "&password=" + credentials.password + "&grant_type=password&scope=read%20write&";
      return $http.post('oauth/token', data, {
         headers: {
            "Content-Type": "application/x-www-form-urlencoded",
            "Accept": "application/json",
            "Authorization": "Basic " + Base64.encode("myapp" + ':' + "")
         }
      }).success(function (response) {
         var expiredAt = new Date();
         expiredAt.setSeconds(expiredAt.getSeconds() + response.expires_in);
         response.expires_at = expiredAt.getTime();
         localStorageService.set('token', response);
         return response;
      });
   },




至于curl,-v选项用于" verbose" -u选项是传递用户凭据(这里解释的选项:http://curl.haxx.se/docs/manpage.html