diff --git a/sa-token-demo/sa-token-demo-sso-client-h5/sso-login.html b/sa-token-demo/sa-token-demo-sso-client-h5/sso-login.html index 4191fe89..3b18cdd3 100644 --- a/sa-token-demo/sa-token-demo-sso-client-h5/sso-login.html +++ b/sa-token-demo/sa-token-demo-sso-client-h5/sso-login.html @@ -30,7 +30,7 @@ // 重定向至认证中心 function goSsoAuthUrl() { - sa.ajax('/getSsoAuthUrl', {clientLoginUrl: location.href}, function(res) { + sa.ajax('/sso/getSsoAuthUrl', {clientLoginUrl: location.href}, function(res) { console.log(res); location.href = res.data; }) @@ -38,7 +38,7 @@ // 根据ticket值登录 function doLoginByTicket(ticket) { - sa.ajax('/doLoginByTicket', {ticket: ticket}, function(res) { + sa.ajax('/sso/doLoginByTicket', {ticket: ticket}, function(res) { console.log(res); if(res.code == 200) { localStorage.setItem('satoken', res.data); diff --git a/sa-token-demo/sa-token-demo-sso-server-h5/login.js b/sa-token-demo/sa-token-demo-sso-server-h5/login.js index 7738b43c..0b87ab7c 100644 --- a/sa-token-demo/sa-token-demo-sso-server-h5/login.js +++ b/sa-token-demo/sa-token-demo-sso-server-h5/login.js @@ -42,7 +42,7 @@ sa.ajax = function(url, data, successFn) { // ----------------------------------- 相关事件 ----------------------------------- // 检查当前是否已经登录,如果已登录则直接开始跳转,如果未登录则等待用户输入账号密码 -sa.ajax("/getRedirectUrl", {redirect: getParam('redirect', ''), mode: getParam('mode', '')}, function(res) { +sa.ajax("/sso/getRedirectUrl", {redirect: getParam('redirect', ''), mode: getParam('mode', '')}, function(res) { if(res.code == 200) { // 已登录,并且redirect地址有效,开始跳转 location.href = decodeURIComponent(res.data); diff --git a/sa-token-demo/sa-token-demo-sso-server/src/main/java/com/pj/h5/H5Controller.java b/sa-token-demo/sa-token-demo-sso-server/src/main/java/com/pj/h5/H5Controller.java index a7440292..0641b0b2 100644 --- a/sa-token-demo/sa-token-demo-sso-server/src/main/java/com/pj/h5/H5Controller.java +++ b/sa-token-demo/sa-token-demo-sso-server/src/main/java/com/pj/h5/H5Controller.java 
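Review bot: The callback in `goSsoAuthUrl` assigns `location.href = res.data` without looking at the response status, unlike `doLoginByTicket` in the next hunk, which tests `res.code == 200` first. A failed or empty response would send the page to whatever `res.data` happens to hold. Guarding the redirect, e.g. `if(res.code == 200 && res.data) { location.href = res.data; }`, keeps the two handlers consistent. The function's closing brace lies outside the hunk.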
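Review bot: `console.log(res)` in the `doLoginByTicket` callback prints the whole response, and on success `res.data` is the session token that the following line stores under `satoken`. Anything that captures console output then holds a usable credential, so I would log only the status, `console.log(res.code, res.msg);`, or drop the line. The token is also kept in `localStorage`, where every script on the origin can read it; a one-line comment stating that this is a demo simplification would help readers who copy the page. The rest of the function is outside the hunk.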
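Review bot: `location.href = decodeURIComponent(res.data)` navigates to a value that is decoded on the client after whatever validation the server applied, so the string that was checked and the string that is navigated to can differ. The comment says the redirect address is valid at this point, but that check is not visible in this hunk. I would parse the decoded value and allow only web schemes before assigning: `var target = new URL(decodeURIComponent(res.data), location.href);` followed by `if(target.protocol === 'http:' || target.protocol === 'https:') { location.href = target.href; }`. The callback body continues past the end of the hunk.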
@@ -22,7 +22,7 @@ public class H5Controller { /** * 获取 redirectUrl */ - @RequestMapping("/getRedirectUrl") + @RequestMapping("/sso/getRedirectUrl") private Object getRedirectUrl(String redirect, String mode) { // 未登录情况下,返回 code=401 if(StpUtil.isLogin() == false) { diff --git a/sa-token-demo/sa-token-demo-sso-server/src/main/resources/application.yml b/sa-token-demo/sa-token-demo-sso-server/src/main/resources/application.yml index 2dc74bab..babc1766 100644 --- a/sa-token-demo/sa-token-demo-sso-server/src/main/resources/application.yml +++ b/sa-token-demo/sa-token-demo-sso-server/src/main/resources/application.yml @@ -5,7 +5,7 @@ server: # Sa-Token 配置 sa-token: # -------------- SSO-模式一相关配置 (非模式一不需要配置) - # cookie: + # cookie: # 配置Cookie作用域 # domain: stp.com diff --git a/sa-token-demo/sa-token-demo-sso2-client/src/main/java/com/pj/h5/H5Controller.java b/sa-token-demo/sa-token-demo-sso2-client/src/main/java/com/pj/h5/H5Controller.java index de1a350c..03448242 100644 --- a/sa-token-demo/sa-token-demo-sso2-client/src/main/java/com/pj/h5/H5Controller.java +++ b/sa-token-demo/sa-token-demo-sso2-client/src/main/java/com/pj/h5/H5Controller.java @@ -25,16 +25,16 @@ public class H5Controller { } // 返回SSO认证中心登录地址 - @RequestMapping("/getSsoAuthUrl") + @RequestMapping("/sso/getSsoAuthUrl") public SaResult getSsoAuthUrl(String clientLoginUrl) { String serverAuthUrl = SaSsoUtil.buildServerAuthUrl(clientLoginUrl, ""); return SaResult.data(serverAuthUrl); } // 根据ticket进行登录 - @RequestMapping("/doLoginByTicket") + @RequestMapping("/sso/doLoginByTicket") public SaResult doLoginByTicket(String ticket) { - Object loginId = SaSsoHandle.checkTicket(ticket, "/doLoginByTicket"); + Object loginId = SaSsoHandle.checkTicket(ticket, "/sso/doLoginByTicket"); if(loginId != null) { StpUtil.login(loginId); return SaResult.data(StpUtil.getTokenValue()); diff --git a/sa-token-doc/doc/sso/sso-apidoc.md b/sa-token-doc/doc/sso/sso-apidoc.md index d215913c..04248463 100644 
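Review bot: `getRedirectUrl` is declared `private` while carrying `@RequestMapping`, whereas the handlers in the sso2-client `H5Controller` later in this diff are `public`. Spring can still dispatch to a private handler through reflection, but if the controller is ever wrapped in a class-based proxy the method runs on the proxy instance rather than the target, which is hard to diagnose. I would change the signature to `public Object getRedirectUrl(String redirect, String mode) {` and write the guard as `if(!StpUtil.isLogin()) {`. The method body ends outside the hunk.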
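Review bot: `getSsoAuthUrl` passes the request parameter `clientLoginUrl` straight into `SaSsoUtil.buildServerAuthUrl`, so any caller decides where the auth centre is asked to send the user back, presumably together with the ticket. Whether the auth centre restricts that target to an allowlist is not visible here, so the client should not rely on it alone. I would check the value against this client's own login page before building the URL and add a comment such as `// clientLoginUrl is caller-supplied: accept only our own sso-login page`. Separately, the literal `"/sso/doLoginByTicket"` now appears in both the annotation and the `checkTicket` call; a shared constant would keep the two from drifting apart.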
--- a/sa-token-doc/doc/sso/sso-apidoc.md +++ b/sa-token-doc/doc/sso/sso-apidoc.md @@ -8,6 +8,9 @@ --- +## 一、SSO-Server 认证中心接口 + + ### 1、单点登录授权地址 ``` url http://{host}:{port}/sso/auth @@ -102,7 +105,7 @@ http://{host}:{port}/sso/logout?back=xxx | loginId | 是 | 要注销的账号 id | | timestamp | 是 | 当前时间戳,13位 | | nonce | 是 | 随机字符串 | -| sign | 是 | 签名,生成算法:`md5( loginId={value}&nonce={value}×tamp={value}&key={secretkey秘钥} )` | +| sign | 是 | 签名,生成算法:`md5( loginId={账号id}&nonce={随机字符串}×tamp={13位时间戳}&key={secretkey秘钥} )` | 例如: ``` url @@ -136,6 +139,82 @@ SSO 认证中心只有这四个接口,接下来让我一起来看一下 Client +--- + +## 二、SSO-Client 应用端开放接口 + +### 1、登录地址 +``` url +http://{host}:{port}/sso/login +``` + +接收参数: + +| 参数 | 是否必填 | 说明 | +| :-------- | :-------- | :-------- | +| back | 是 | 登录成功后的重定向地址,一般填写 location.href(从哪来回哪去) | +| ticket | 否 | 授权 ticket 码 | + +此接口有两种访问方式: +- 方式一:我们需要登录操作,所以带着 back 参数主动访问此接口,框架会拼接好参数后再次将用户重定向至认证中心。 +- 方式二:用户在认证中心登录成功后,带着 ticket 参数重定向而来,此为框架自动处理的逻辑,开发者无需关心。 + + +### 2、注销地址 +``` url +http://{host}:{port}/sso/logout +``` + +接收参数: + +| 参数 | 是否必填 | 说明 | +| :-------- | :-------- | :-------- | +| back | 否 | 注销成功后的重定向地址,一般填写 location.href(从哪来回哪去),也可以填写 self 字符串,含义同上 | + +此接口有两种访问方式: +- 方式一:直接 `location.href` 网页跳转,此时可携带 back 参数。 +- 方式二:使用 Ajax 异步调用,注销成功将返回以下内容: + +``` js +{ + "code": 200, // 200表示请求成功,非200标识请求失败 + "msg": "单点注销成功", + "data": null +} +``` + + +### 3、单点注销回调接口 +此接口仅配置模式三 `(isHttp=true)` 时打开,且为框架回调,开发者无需关心 + +``` url +http://{host}:{port}/sso/logoutCall +``` + +接受参数: + +| 参数 | 是否必填 | 说明 | +| :-------- | :-------- | :-------- | +| loginId | 是 | 要注销的账号 id | +| timestamp | 是 | 当前时间戳,13位 | +| nonce | 是 | 随机字符串 | +| sign | 是 | 签名,生成算法:`md5( loginId={账号id}&nonce={随机字符串}×tamp={13位时间戳}&key={secretkey秘钥} )` | + +返回数据: + +``` js +{ + "code": 200, // 200表示请求成功,非200标识请求失败 + "msg": "单点注销回调成功", + "data": null +} +``` + + + + + + diff --git a/sa-token-doc/doc/sso/sso-h5.md b/sa-token-doc/doc/sso/sso-h5.md index da701640..4b2ca2ee 100644 --- a/sa-token-doc/doc/sso/sso-h5.md 
+++ b/sa-token-doc/doc/sso/sso-h5.md @@ -21,16 +21,16 @@ public class H5Controller { } // 返回SSO认证中心登录地址 - @RequestMapping("/getSsoAuthUrl") + @RequestMapping("/sso/getSsoAuthUrl") public SaResult getSsoAuthUrl(String clientLoginUrl) { String serverAuthUrl = SaSsoUtil.buildServerAuthUrl(clientLoginUrl, ""); return SaResult.data(serverAuthUrl); } // 根据ticket进行登录 - @RequestMapping("/doLoginByTicket") + @RequestMapping("/sso/doLoginByTicket") public SaResult doLoginByTicket(String ticket) { - Object loginId = SaSsoHandle.checkTicket(ticket, "/doLoginByTicket"); + Object loginId = SaSsoHandle.checkTicket(ticket, "/sso/doLoginByTicket"); if(loginId != null) { StpUtil.login(loginId); return SaResult.data(StpUtil.getTokenValue()); diff --git a/sa-token-doc/doc/sso/sso-type1.md b/sa-token-doc/doc/sso/sso-type1.md index b70348d8..da45b819 100644 --- a/sa-token-doc/doc/sso/sso-type1.md +++ b/sa-token-doc/doc/sso/sso-type1.md @@ -109,8 +109,8 @@ public class SsoClientController { // SSO-Client端:首页 @RequestMapping("/") public String index() { - String authUrl = SaSsoManager.getConfig().getAuthUrl(); - String solUrl = SaSsoManager.getConfig().getSloUrl(); + String authUrl = SaSsoManager.getConfig().splicingAuthUrl(); + String solUrl = SaSsoManager.getConfig().splicingSloUrl(); String str = "
当前会话是否登录:" + StpUtil.isLogin() + "
" + "登录 " +