写在前边 最近在写 OAuth2 对接的代码,由于授权服务器(竹云BambooCloud IAM)部署在甲方内网,所以想着自己 Mock 一下授权方的返回体,验证一下我的代码。我这才踩到了坑…… 故事背景
最近在写 OAuth2 对接的代码,由于授权服务器(竹云BambooCloud IAM)部署在甲方内网,所以想着自己 Mock 一下授权方的返回体,验证一下我的代码。我这才踩到了坑……
故事背景选择的 Mock 框架是 国产开源的 Moco(https://github.com/dreamhead/moco),先下载moco-runner-1.3.0-standalone.jar
再根据 Moco的官方文档(https://github.com/dreamhead/moco/blob/master/moco-doc/apis.md)和竹云对接文档配置了以下的mock配置:
BambooCloud-IAM-OAuth2-Moco.json
[
{
"description": "授权回调接口",
"request": {
"uri": "/idp/oauth2/authorize",
"method": "get",
"queries": {
"client_id": "client-id-test",
"redirect_uri": "http://localhost:8188/api/oauth2/callback",
"response_type": "code"
}
},
"redirectTo" : "http://localhost:8188/api/oauth2/callback?code=123456"
},
{
"description": "获取token接口",
"request": {
"uri": "/idp/oauth2/getToken",
"method": "post",
"headers": {
"content-type": "application/x-www-form-urlencoded"
},
"forms": {
"client_id" : "client-id-test",
"client_secret" : "client-secret-test",
"grant_type" : "authorization_code",
"code" : "123456"
}
},
"response": {
"json": {
"access_token" : "123456789"
}
}
},
{
"description": "获取用户信息接口",
"request": {
"uri": "/idp/oauth2/getUserInfo",
"method": "get",
"queries": {
"client_id": "client-id-test",
"access_token": "123456789"
}
},
"response": {
"json": {
"spRoleList":["zhangsan"],
"uid":"20190904124905344-F4BE-C2C9EFF24",
"sorgId":null,
"displayName":"张三",
"loginName":"zhangsan",
"secAccValid":1,
"givenName":"729026",
"pinyinShortName":null,
"spNameList":["portalID","tyxtest","data","certificate","sysCertification","customer"],
"employeeNumber":null
}
}
}
]
启动 Moco
java -Dfile.encoding=UTF-8 -jar moco-runner-1.3.0-standalone.jar http -p 12306 -c BambooCloud-IAM-OAuth2-Moco.json
作者不愧是国人,官方文档里的端口号竟然是12306火车票订票网站,等等,该不会作者是方便模拟 12306 开发抢票功能才写的 Moco 吧