与 SPA(React 或 Angular)共享 Spring OAuth2 客户端会话 cookie
应用程序服务器将访问令牌保留和刷新令牌 内部存储,并与浏览器一起创建一个单独的会话 - 通过传统浏览器cookie(h)
。我可以通过传统的浏览器cookie a的流程末端创建与基于浏览器的应用程序单独的会话?还是我必须与我的React或Angular应用共享 sessionID ?但是我该怎么做?
In specification for OAuth 2.0 for Browser-Based Apps (React or Angular) at page 7 for the case when we have backend (BFF) we can see that at the end of the flow:
The application server then keeps the access token and refresh token
stored internally, and creates a separate session with the browser-
based app via a traditional browser cookie (H).
I use spring-security-oauth2-client and new spring-security-oauth2-autorization-server how I can create separate session with the browser-based app via a traditional browser cookie a the end of the flow? Or I have to share sessionId with my React or Angular application? But how I can do this?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论