Spring social 和 oauth2 协议是什么关系? [英] What is the relationship between Spring social and oauth2 protocol?

问题描述

我阅读了一些关于 oauth2 协议及其概念的内容，例如:

I read some stuff about oauth2 protocol and its concepts like:

• 资源所有者
• 资源服务器
• 授权服务器
• 补助金类型等.

spring-social 是否使用 oauth2 协议?

Does spring-social use oauth2 protocol?

例如，如果我想使用 facebook 进行社交登录，那么 facebook、appTest、...的作用是什么?用 oauth2 术语?

For example if I want to have social login with facebook, what is the role of facebook, appTest,... in oauth2 terms?

更新

经过大量搜索，我找到了 https://www.credera.com/blog/ecommerce/spring-social-alternative-oauth.

After a considerable amount of searching i found https://www.credera.com/blog/ecommerce/spring-social-alternative-oauth.

但我仍然对 oauth2 概念授权服务器、资源服务器和...在 spring 社交中感到困惑.

but i'm still confused about oauth2 concepts authorization server, resource server and ... in spring social.

推荐答案

来自相关链接:

Oauth 规范于 2007 年首次发布，OAuth 一直是软件即服务提供商的标准身份验证方法.OAuth 为客户端网站提供了访问用户的方法代表用户来自第三方的信息，不包括要求用户提供他们的登录详细信息.不幸的是开发人员，与各种提供者实施 OAuth 握手可能会很乏味

Oauth specification was first released in 2007, OAuth has been the standard method of authentication for software-as-a-service providers. OAuth provides the means for a client website to access user information from a third party on behalf of the user, without requiring the user to provide their login details. Unfortunately for developers, implementing the OAuth handshake with various providers can be quite tedious

Spring Social，一个大大简化流程的项目创建和管理第三方提供商连接.的目标项目是抽象出具体的实现细节每个服务都为开发者提供了一种简单的获取方法每个服务的 API 都在一个强类型的 Java 绑定中，并且干净地组织存储的连接，以便它们可以与应用程序的本地用户.

Spring Social, a project that drastically simplifies the process of creating and managing third party provider connections. The goals of the project are to abstract the specific implementation details of each service to provide developers with a simple method of getting each service’s API in a strongly-typed Java binding, and to cleanly organize stored connections so that they can be associated with the application’s local users.

使用 Spring Social 而不是简单的有很多好处身份验证.Spring Social 处理 OAuth 协议的所有变体在网络上，并在其特定于提供商的支持下模块，任何人都可以调整它以连接到任何启用 OAuth 的提供程序.该框架提供了内置的连接存储和管理，以及为用户提供专门为他们正在使用的服务.

There are numerous benefits to using Spring Social instead of plain OAuth. Spring Social handles all of the variants of the OAuth protocol that are out on the web, and with its support of provider specific modules, anyone can adapt it to connect to any OAuth enabled provider. The framework provides built in connection storage and management, and provides users with a Java-consumable API specifically tailored for the service they are using.

此外，虽然 Spring Social目前依赖于 OAuth，它不依赖于协议.自从授权协议完全从任何暴露的连接细节，当提供者时不需要重构不可避免地要改变他们的授权策略.

In addition, though Spring Social currently relies on OAuth, it is not dependent on the protocol. Since authorization protocols are completely abstracted from any exposed connection details, no refactoring should be required when providers inevitably change their authorization strategy.

这篇关于Spring social 和 oauth2 协议是什么关系?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！