Welcome toVigges Developer Community-Open, Learning,Share
Ask a Question
Welcome To Ask or Share your Answers For Others

Categories

oauth2 密码模式下client_secret明文传输会不会不安全?

0 votes
3.2k views
in Technique[技术] by (71.8m points)

oauth2 密码模式下client_secret明文传输会不会不安全?

我看好多文章、博客讲解password模式都是这样做的,如下所示:
image.png

问题是,这样client_secret不就明文传输了吗,会不会不安全?


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

比如授权服务是A,你的后端服务是B,你的客户端是C,这个接口属于A,那么你实际上是C请求到B再请求到A,而这些信息都是保存在你的后端服务B的。后端传输如果是自己的服务应该不用考虑。如果是第三方授权服务,第三方应该会有做对称加密。


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to Vigges Developer Community for programmer and developer-Open, Learning and Share

Just Browsing Browsing

2.1m questions

2.1m answers

63 comments

56.5k users

Most popular tags

Snow Theme by Q2A Market
Powered by Question2Answer
...