OAuth 2 實戰寶典 (OAuth 2 in Practice)

糜鵬程

  • Publisher: 電子工業 (Publishing House of Electronics Industry)
  • Publication date: 2023-12-01
  • List price: $450
  • VIP price: 5% off, $428
  • Language: Simplified Chinese
  • Pages: 240
  • ISBN-10: 7121467569
  • ISBN-13: 9787121467561
  • Ships immediately (stock < 4)


Product description

As the Internet has become ubiquitous, cooperation for mutual benefit has become an increasingly important topic. Mature Internet companies need to work with many third-party companies in order to offer their own users a rich set of personalized applications. In the process, a company has to open some of its capabilities (APIs) to third-party partners, and the usual way to do that is to build a dedicated open-platform system. However a company chooses to expose its capabilities, authorization is a topic it cannot avoid. This book explains authorization in eight chapters: an overview of OAuth 2; the overall architecture of an open platform; the authorization grant types in practice; OpenID from theory to practice (here OpenID and UnionID refer to the opaque per-application and per-developer user identifiers issued by the platform, not to the OpenID Connect protocol; see Chapter 4); redirect (callback) URLs in the authorization code grant; signatures; authorization information (access tokens, refresh tokens and scopes); and OAuth 2 in practice with Spring Security.

Table of contents

Chapter 1 OAuth 2 Overview ... 1
  1.1 The definition of OAuth 2 ... 2
    1.1.1 Official definition ... 2
    1.1.2 The definition in the context of an open platform ... 2
  1.2 The four OAuth 2 authorization grant types ... 3
    1.2.1 Implicit grant ... 3
    1.2.2 Authorization code grant ... 5
    1.2.3 Trusted-client password grant (resource owner password credentials) ... 10
    1.2.4 Trusted-client grant (client credentials) ... 12
Chapter 2 Overall Architecture of an Open Platform ... 15
  2.1 Functional architecture ... 16
  2.2 The API gateway system ... 18
    2.2.1 Overall API architecture ... 18
    2.2.2 Relationship between the API gateway and the authorization system ... 19
  2.3 The console system ... 20
    2.3.1 Feature overview ... 20
    2.3.2 Relationship between the console system and the authorization system ... 20
  2.4 The service marketplace ... 21
Chapter 3 Authorization Grant Types in Practice ... 22
  3.1 Applying the authorization code grant ... 23
    3.1.1 Obtaining the code ... 23
    3.1.2 Obtaining the authorization information ... 27
    3.1.3 Refreshing the authorization information ... 30
  3.2 Applying the username/password authorization code grant ... 31
  3.3 Applying the trusted-client password grant ... 33
  3.4 Applying the trusted-client grant ... 34
    3.4.1 The standard trusted-client grant ... 34
    3.4.2 In-house applications ... 35
    3.4.3 Authorization for in-house trusted clients ... 35
  3.5 Applying the plug-in authorization mode ... 36
    3.5.1 Ordinary-application scenarios ... 37
    3.5.2 Official-application scenarios ... 42
Chapter 4 OpenID from Theory to Practice ... 48
  4.1 OpenID overview ... 49
    4.1.1 Definition of OpenID ... 49
    4.1.2 The OpenID usage flow ... 50
    4.1.3 OpenID and OAuth 2 ... 52
  4.2 OpenID schemes based on auto-increment IDs ... 53
    4.2.1 Overview ... 53
    4.2.2 Implementation based on a single-node auto-increment ID ... 54
    4.2.3 OpenID generation based on the Snowflake algorithm ... 55
    4.2.4 Summary of auto-increment-ID OpenID generation ... 56
  4.3 OpenID schemes based on hash algorithms ... 57
    4.3.1 Overview ... 57
    4.3.2 Introduction to hash algorithms ... 57
    4.3.3 Computing an OpenID with a hash function ... 58
    4.3.4 Summary of hash-based OpenID schemes ... 64
  4.4 OpenID schemes based on symmetric encryption ... 64
    4.4.1 Overview ... 64
    4.4.2 Introduction to symmetric encryption algorithms ... 64
    4.4.3 OpenID in practice with symmetric encryption ... 66
    4.4.4 Summary of symmetric-encryption OpenID schemes ... 68
  4.5 OpenID schemes based on strictly monotonic functions ... 69
    4.5.1 Related concepts ... 69
    4.5.2 OpenID in practice with strictly monotonic functions ... 70
    4.5.3 Summary of strictly-monotonic-function OpenID schemes ... 74
  4.6 OpenID schemes based on vector addition ... 75
    4.6.1 Introduction to UUIDs ... 75
    4.6.2 OpenID in practice with vector addition ... 76
    4.6.3 Extending the idea to matrix multiplication ... 79
  4.7 OpenID summary ... 81
  4.8 UnionID ... 83
    4.8.1 Introduction to UnionID ... 83
    4.8.2 UnionID partitioning schemes ... 84
    4.8.3 UnionID schemes based on auto-increment IDs ... 86
    4.8.4 UnionID schemes based on hash algorithms ... 88
    4.8.5 UnionID schemes based on symmetric encryption ... 90
    4.8.6 UnionID schemes based on strictly monotonic functions ... 92
    4.8.7 UnionID schemes based on vector addition ... 93
    4.8.8 UnionID summary ... 95
Chapter 5 Callback (Redirect) URLs in the Authorization Code Grant in Practice ... 97
  5.1 Plain callback URLs ... 98
  5.2 Callback URLs with character substitution ... 99
    5.2.1 Motivating scenario ... 99
    5.2.2 Solution ... 101
    5.2.3 Summary of character-substitution callback URLs ... 106
  5.3 Custom-function callback URLs ... 106
    5.3.1 Introduction to FaaS ... 106
    5.3.2 FaaS in practice ... 108
    5.3.3 Custom-function callback URLs in practice ... 109
  5.4 Generating the authorization code ... 112
    5.4.1 Generating the code from random numbers ... 112
    5.4.2 Resolving collisions between random codes ... 114
    5.4.3 Generating the code from a UUID ... 116
  5.5 Consuming the authorization code ... 117
    5.5.1 The standard code consumption strategy ... 117
    5.5.2 Optimizing the code consumption strategy ... 118
Chapter 6 Signatures ... 124
  6.1 Introducing signature algorithms ... 125
  6.2 Introduction to asymmetric cryptography ... 127
  6.3 Signature algorithms in more depth ... 128
  6.4 Common signature algorithms ... 129
    6.4.1 Asymmetric signature algorithms ... 129
    6.4.2 Signature algorithms used in open-platform practice ... 130
  6.5 An open-platform signature example ... 141
Chapter 7 Authorization Information ... 146
  7.1 Introduction to access_token ... 147
    7.1.1 Short-lived, refreshable access_token ... 147
    7.1.2 Short-lived, non-refreshable access_token ... 148
    7.1.3 Never-expiring access_token ... 149
  7.2 Random-string implementation ... 150
    7.2.1 Short-lived, refreshable access_token ... 150
    7.2.2 Short-lived, non-refreshable access_token ... 156
    7.2.3 Never-expiring access_token ... 158
    7.2.4 Summary of random-string access_token schemes ... 160
    7.2.5 Weaknesses of the random-string scheme and defenses against them ... 160
  7.3 JWT implementation ... 168
    7.3.1 Introduction to JWT ... 168
    7.3.2 A simple JWT exercise ... 169
    7.3.3 Authorization information implemented with JWT ... 175
    7.3.4 Summary of JWT-based access_token schemes ... 179
  7.4 Permission bundles and scope ... 180
    7.4.1 Introducing the concept of scope ... 180
    7.4.2 Scope implementation details in an open platform ... 181
  7.5 SDK ... 183
Chapter 8 OAuth 2 in Practice with Spring Security ... 190
  8.1 Implicit grant ... 191
    8.1.1 Authorization-system implementation ... 191
    8.1.2 Open-gateway implementation ... 195
    8.1.3 Verifying the implementation ... 196
  8.2 Authorization code grant ... 198
    8.2.1 Authorization-system implementation ... 198
    8.2.2 Open-gateway implementation ... 201
    8.2.3 Verifying the implementation ... 203
  8.3 Trusted-client password grant ... 208
    8.3.1 Authorization-system implementation ... 209
    8.3.2 Open-gateway implementation ... 211
    8.3.3 Verifying the implementation ... 213
  8.4 Trusted-client grant ... 215
    8.4.1 Authorization-system implementation ... 216
    8.4.2 Open-gateway implementation ... 218
    8.4.3 Verifying the implementation ... 220
  8.5 Summary of the four grant types ... 221
  8.6 JWT ... 221
    8.6.1 Authorization-system implementation ... 222
    8.6.2 Open-gateway implementation ... 226
    8.6.3 Verifying the implementation ... 227