参考文档

1. 官方文档

• SAS 官方的文档

• OAuth2.1 中文文档

• 问题讨论组

• 我的问题

1.1 功能列表

已完成功能

• The OAuth 2.1 Authorization Framework (Draft)
  • Authorization Grant
    • Authorization Code
    • Client Credentials
    • Refresh Token
  • Client Authentication
    • HTTP Basic
    • HTTP POST
  • User Consent
    • Authorization Code Grant
• Proof Key for Code Exchange by OAuth Public Clients (PKCE) (RFC 7636)
• OAuth 2.0 Token Revocation (RFC 7009)
• OAuth 2.0 Token Introspection (RFC 7662)
• OAuth 2.0 Authorization Server Metadata (RFC 8414)
• JSON Web Token (JWT) (RFC 7519)
• JSON Web Signature (JWS) (RFC 7515)
• JSON Web Key (JWK) (RFC 7517)
• OpenID Connect Core 1.0 (spec)
  • Authorization Code Flow
• OpenID Connect Discovery 1.0 (spec)
  • Provider Configuration Endpoint
• OpenID Connect Dynamic Client Registration 1.0 (spec)
  • Client Registration Endpoint

要实现功能

• JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC 7523)
• OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens (RFC 8705)
• OpenID Connect Core 1.0 (spec)
  • UserInfo Endpoint
• OAuth 2.0 Token Exchange (RFC 8693)