# spring-cloud-alibaba-2022 **Repository Path**: knightdreams/spring-cloud-alibaba-2022 ## Basic Information - **Project Name**: spring-cloud-alibaba-2022 - **Description**: SpringCloud SpringAuthorizationServer Oauth2认证 - **Primary Language**: Java - **License**: Apache-2.0 - **Default Branch**: main - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 6 - **Forks**: 2 - **Created**: 2023-07-26 - **Last Updated**: 2025-06-06 ## Categories & Tags **Categories**: Uncategorized **Tags**: SpringCloud ## README # spring-cloud-alibaba-2022 #### 介绍 基于SpringBoot,SpringCloud,SpringCloudAlibaba,SpringAuthorizationServer,mybatisPlus等开源框架构建的微服务架构项目 #### 项目用到的框架/三方库/插件仓库地址 * SpringCloud https://github.com/spring-cloud/spring-cloud-release/releases * SpringCloudAlibaba https://github.com/alibaba/spring-cloud-alibaba/releases * SpringBoot https://github.com/spring-projects/spring-boot/releases * SpringAuthorizationServer https://github.com/spring-projects/spring-authorization-server/releases * mybatis-plus https://github.com/baomidou/mybatis-plus/releases * hutool https://github.com/dromara/hutool/releases * knife4j https://gitee.com/xiaoym/knife4j/releases * mica-auto https://github.com/lets-mica/mica-auto/releases * spring-javaformat https://github.com/spring-io/spring-javaformat/releases #### 使用说明 使用遇到问题可以加QQ群: [![加入QQ群](https://img.shields.io/badge/689932210-blue.svg)](https://jq.qq.com/?_wv=1027&k=5x1EdC8) 欢迎您进群进行技术交流 如果此项目帮到您的话,欢迎star,您的star就是对我最大的鼓励 #### 授权交互流程解析 ##### 不透明令牌自省流程 ```mermaid sequenceDiagram participant 用户 participant 资源服务 participant 授权服务 用户->>授权服务: 登录认证 授权服务->>用户: 返回访问令牌(opaque) 用户->>资源服务: 携带令牌访问受保护的资源 资源服务->>资源服务: BearerTokenAuthenticationFilter 解析令牌 资源服务->>授权服务: OpaqueTokenIntrospector 不透明令牌内省 授权服务->>授权服务: OAuth2TokenIntrospectionEndpointFilter 令牌内省 授权服务->>资源服务: 返回内省结果 资源服务->>用户: 返回资源/令牌无效 ``` ##### 授权码交互流程源码解析 ```mermaid flowchart TD GET/oauth2/authorize --> OAuth2AuthorizationEndpointFilter OAuth2AuthorizationEndpointFilter --> OAuth2AuthorizationCodeRequestAuthenticationConverter OAuth2AuthorizationCodeRequestAuthenticationConverter --> OAuth2AuthorizationCodeRequestAuthenticationProvider OAuth2AuthorizationCodeRequestAuthenticationProvider -- requireAuthorizationConsent--> OAuth2AuthorizationConsentAuthenticationToken OAuth2AuthorizationConsentAuthenticationToken --> OAuth2AuthorizationConsentAuthenticationProvider OAuth2AuthorizationConsentAuthenticationProvider --> OAuth2AuthorizationCodeRequestAuthenticationToken OAuth2AuthorizationCodeRequestAuthenticationToken --> OAuth2AuthorizationEndpointFilter#sendAuthorizationConsent OAuth2AuthorizationEndpointFilter#sendAuthorizationConsent --同意授权--> POST/oauth2/authorize POST/oauth2/authorize --> OAuth2AuthorizationEndpointFilter2 OAuth2AuthorizationEndpointFilter2 --> sendAuthorizationResponse#返回code OAuth2AuthorizationEndpointFilter#sendAuthorizationConsent --取消--> finish OAuth2AuthorizationCodeRequestAuthenticationProvider -- !requireAuthorizationConsent--> sendAuthorizationResponse#返回code sendAuthorizationResponse#返回code --> POST/oauth2/token#grant_type=authorization_code ```