oauth2.0如何传递访问令牌 [英] oauth2.0 how to pass access token

问题描述

我正在努力将 OAuth2 集成到 REST API ，我想知道我应该如何发送 access_token 参数请求。

I am working on integrating OAuth2 to a REST API and I would like to know how am I supposed to send the access_token parameter for the requests.

示例：

我的服务器接受两条路线：

POST / write

GET / read

Example:
My server accepts two routes:
POST /write
GET /read

For / write，我应该把access_token放在POST中吗？

curl http：//api.localhost/write -d'access_token = [ACCESS_TOKEN]'

For /write, am I supposed to put the access_token in the POST?
curl http://api.localhost/write -d 'access_token=[ACCESS_TOKEN]'

For / read，am I应该把它放在GET中？

curl http：//api.localhost/read？access_token = [ACCESS_TOKEN]

For /read, am I supposed to put it in the GET?
curl http://api.localhost/read?access_token=[ACCESS_TOKEN]

或两种情况下，它应该通过POST发送吗？

Or in both cases, is it supposed to be sent through POST?

谢谢，

Gasim

Thanks,
Gasim

推荐答案

使用OAuth，令牌通常在请求标头中传递。对于POST或GET，您可能希望尝试类似于以下内容：

With OAuth, the token is generally passed in the request headers. You may wish to try something similar to the following, for both POST or GET:

POST： curl http：//api.localhost/write -H'授权：持票人ACCESS_TOKEN'

获取： curl http：//api.localhost/read -H '授权：持票人ACCESS_TOKEN'

授权密钥/值对的值部分可能因REST服务提供商而异。例如，使用 Github ，标题键/值对看起来像这样：

The value part of the Authorization key/value pair can vary by REST service provider. With Github, for instance, the header key/value pair looks like this:

curl -H授权：令牌your_tokenhttps://api.github.com/repos/user/repo

您可能需要查阅网络服务提供商文档了解详情。

You may need to consult the webservice provider docs for details.

这篇关于oauth2.0如何传递访问令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！