With the spread of the Internet, win-win cooperation has become an increasingly important topic. Mature Internet companies need to work with many third-party companies in order to offer their own users a rich set of personalized applications. In this process, a company has to open some of its capabilities (APIs) to its third-party partners, and the concrete form this usually takes is building a dedicated open platform system. Whichever way a company chooses to open its capabilities, authorization is a topic it cannot avoid. This book explains authorization in detail over 8 chapters. The main contents are: an overview of OAuth 2, the overall architecture of an open platform, authorization modes in practice, OpenID from theory to practice, callback URLs in the authorization code grant in practice, signatures, authorization information, and OAuth 2 in practice with Spring Security.
Mi Pengcheng is a senior engineer at JD Retail, mainly responsible for R&D work related to the open platform. He has studied in depth the concrete implementation of each system in the open platform, and currently develops and maintains the JOS gateway system, which handles roughly 5 billion calls per day.
Contents
Chapter 1  OAuth 2 Overview ...... 1
  1.1  Definition of OAuth 2 ...... 2
    1.1.1  Official definition ...... 2
    1.1.2  Definition in the open platform ...... 2
  1.2  The four authorization modes of OAuth 2 ...... 3
    1.2.1  Implicit grant mode ...... 3
    1.2.2  Authorization code grant mode ...... 5
    1.2.3  Trusted-client password mode ...... 10
    1.2.4  Trusted-client mode ...... 12
Chapter 2  Overall Architecture of an Open Platform ...... 15
  2.1  Functional architecture ...... 16
  2.2  API gateway system ...... 18
    2.2.1  Overall API architecture ...... 18
    2.2.2  Relationship between the API gateway and the authorization system ...... 19
  2.3  Console system ...... 20
    2.3.1  Functional overview ...... 20
    2.3.2  Relationship between the console system and the authorization system ...... 20
  2.4  Service marketplace ...... 21
Chapter 3  Authorization Modes in Practice ...... 22
  3.1  Applying the authorization code grant mode ...... 23
    3.1.1  Obtaining the code ...... 23
    3.1.2  Obtaining authorization information ...... 27
    3.1.3  Refreshing authorization information ...... 30
  3.2  Applying the username/password authorization code grant mode ...... 31
  3.3  Applying the trusted-client password mode ...... 33
  3.4  Applying the trusted-client mode ...... 34
    3.4.1  Standard trusted-client mode ...... 34
    3.4.2  Self-developed applications ...... 35
    3.4.3  Self-developed trusted-client authorization ...... 35
  3.5  Applying pluggable authorization modes ...... 36
    3.5.1  Ordinary application scenarios ...... 37
    3.5.2  Official application scenarios ...... 42
Chapter 4  OpenID from Theory to Practice ...... 48
  4.1  OpenID overview ...... 49
    4.1.1  Definition of OpenID ...... 49
    4.1.2  OpenID usage flow ...... 50
    4.1.3  OpenID and OAuth 2 ...... 52
  4.2  OpenID scheme based on auto-increment IDs ...... 53
    4.2.1  Overview ...... 53
    4.2.2  Implementation based on single-node auto-increment IDs ...... 54
    4.2.3  OpenID generation based on the snowflake algorithm ...... 55
    4.2.4  Summary of OpenID generation based on auto-increment IDs ...... 56
  4.3  OpenID scheme based on hash algorithms ...... 57
    4.3.1  Overview ...... 57
    4.3.2  Introduction to hash algorithms ...... 57
    4.3.3  Computing an OpenID with a hash function ...... 58
    4.3.4  Summary of the hash-based OpenID scheme ...... 64
  4.4  OpenID scheme based on symmetric encryption ...... 64
    4.4.1  Overview ...... 64
    4.4.2  Introduction to symmetric encryption algorithms ...... 64
    4.4.3  OpenID in practice with symmetric encryption ...... 66
    4.4.4  Summary of the symmetric-encryption OpenID scheme ...... 68
  4.5  OpenID scheme based on strictly monotonic functions ...... 69
    4.5.1  Related concepts ...... 69
    4.5.2  OpenID in practice with strictly monotonic functions ...... 70
    4.5.3  Summary of the strictly-monotonic-function OpenID scheme ...... 74
  4.6  OpenID scheme based on vector addition ...... 75
    4.6.1  Introduction to UUID ...... 75
    4.6.2  OpenID in practice with vector addition ...... 76
    4.6.3  Extending the idea to matrix multiplication ...... 79
  4.7  OpenID summary ...... 81
  4.8  UnionID ...... 83
    4.8.1  Introduction to UnionID ...... 83
    4.8.2  UnionID partitioning scheme ...... 84
    4.8.3  UnionID scheme based on auto-increment IDs ...... 86
    4.8.4  UnionID scheme based on hash algorithms ...... 88
    4.8.5  UnionID scheme based on symmetric encryption ...... 90
    4.8.6  UnionID scheme based on strictly monotonic functions ...... 92
    4.8.7  UnionID scheme based on vector addition ...... 93
    4.8.8  UnionID summary ...... 95
Chapter 5  Callback URLs in the Authorization Code Grant Mode in Practice ...... 97
  5.1  Ordinary callback URLs ...... 98
  5.2  Character-substitution callback URLs ...... 99
    5.2.1  Introducing the scenario ...... 99
    5.2.2  Solution ...... 101
    5.2.3  Summary of the character-substitution callback URL scheme ...... 106
  5.3  Custom-function callback URLs ...... 106
    5.3.1  Introduction to FaaS ...... 106
    5.3.2  FaaS in practice ...... 108
    5.3.3  Custom-function callback URLs in practice ...... 109
  5.4  Code generation schemes ...... 112
    5.4.1  Generating the code from random numbers ...... 112
    5.4.2  Resolving random code collisions ...... 114
    5.4.3  Generating the code from a UUID ...... 116
  5.5  Code consumption ...... 117
    5.5.1  Standard code consumption strategy ...... 117
    5.5.2  Optimizing the code consumption strategy ...... 118
Chapter 6  Signatures ...... 124
  6.1  Introducing signature algorithms ...... 125
  6.2  Introduction to asymmetric encryption ...... 127
  6.3  Further discussion of signature algorithms ...... 128
  6.4  Common signature algorithms ...... 129
    6.4.1  Asymmetric signature algorithms ...... 129
    6.4.2  Signature algorithms used in open-platform practice ...... 130
  6.5  Open-platform signature example ...... 141
Chapter 7  Authorization Information ...... 146
  7.1  Introduction to access_token ...... 147
    7.1.1  Short-lived refreshable access_token ...... 147
    7.1.2  Short-lived non-refreshable access_token ...... 148
    7.1.3  Never-expiring access_token ...... 149
  7.2  Random-string implementation ...... 150
    7.2.1  Short-lived refreshable access_token ...... 150
    7.2.2  Short-lived non-refreshable access_token ...... 156
    7.2.3  Never-expiring access_token ...... 158
    7.2.4  Summary of random-string access_token schemes ...... 160
    7.2.5  Weaknesses of the random-string scheme and defenses ...... 160
  7.3  JWT implementation ...... 168
    7.3.1  Introduction to JWT ...... 168
    7.3.2  Simple JWT practice ...... 169
    7.3.3  Authorization information implemented with JWT ...... 175
    7.3.4  Summary of JWT-based access_token schemes ...... 179
  7.4  Permission packages and Scope ...... 180
    7.4.1  Introducing the concept of Scope ...... 180
    7.4.2  Scope implementation details in the open platform ...... 181
  7.5  SDK ...... 183
Chapter 8  OAuth 2 in Practice with Spring Security ...... 190
  8.1  Implicit grant mode ...... 191
    8.1.1  Implementation in the authorization system ...... 191
    8.1.2  Implementation in the open gateway ...... 195
    8.1.3  Verifying the implementation ...... 196
  8.2  Authorization code grant mode ...... 198
    8.2.1  Implementation in the authorization system ...... 198
    8.2.2  Implementation in the open gateway ...... 201
    8.2.3  Verifying the implementation ...... 203
  8.3  Trusted-client password mode ...... 208
    8.3.1  Implementation in the authorization system ...... 209
    8.3.2  Implementation in the open gateway ...... 211
    8.3.3  Verifying the implementation ...... 213
  8.4  Trusted-client mode ...... 215
    8.4.1  Implementation in the authorization system ...... 216
    8.4.2  Implementation in the open gateway ...... 218
    8.4.3  Verifying the implementation ...... 220
  8.5  Summary of the four authorization modes ...... 221
  8.6  JWT ...... 221
    8.6.1  Implementation in the authorization system ...... 222
    8.6.2  Implementation in the open gateway ...... 226
    8.6.3  Verifying the implementation ...... 227