oauth2.0如何传递访问令牌 [英] oauth2.0 how to pass access token
问题描述
我正在努力将 OAuth2 集成到 REST API ,我想知道我应该如何发送 access_token 参数请求。
I am working on integrating OAuth2 to a REST API and I would like to know how am I supposed to send the access_token parameter for the requests.
示例:
我的服务器接受两条路线:
POST / write
GET / read
Example:
My server accepts two routes:
POST /write
GET /read
For / write,我应该把access_token放在POST中吗?
curl http://api.localhost/write -d'access_token = [ACCESS_TOKEN]'
For /write, am I supposed to put the access_token in the POST?
curl http://api.localhost/write -d 'access_token=[ACCESS_TOKEN]'
For / read,am I应该把它放在GET中?
curl http://api.localhost/read?access_token = [ACCESS_TOKEN]
For /read, am I supposed to put it in the GET?
curl http://api.localhost/read?access_token=[ACCESS_TOKEN]
或两种情况下,它应该通过POST发送吗?
Or in both cases, is it supposed to be sent through POST?
谢谢,
Gasim
Thanks,
Gasim
推荐答案
使用OAuth,令牌通常在请求标头中传递。对于POST或GET,您可能希望尝试类似于以下内容:
With OAuth, the token is generally passed in the request headers. You may wish to try something similar to the following, for both POST or GET:
POST: curl http://api.localhost/write -H'授权:持票人ACCESS_TOKEN'
获取: curl http://api.localhost/read -H '授权:持票人ACCESS_TOKEN'
授权密钥/值对的值部分可能因REST服务提供商而异。例如,使用 Github ,标题键/值对看起来像这样:
The value part of the Authorization key/value pair can vary by REST service provider. With Github, for instance, the header key/value pair looks like this:
curl -H授权:令牌your_tokenhttps://api.github.com/repos/user/repo
您可能需要查阅网络服务提供商文档了解详情。
You may need to consult the webservice provider docs for details.
这篇关于oauth2.0如何传递访问令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!