forked from Java-Edge/Java-Interview-Tutorial
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathoauth2_and_encryption.drawio
More file actions
114 lines (95 loc) · 7.71 KB
/
oauth2_and_encryption.drawio
File metadata and controls
114 lines (95 loc) · 7.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
<mxfile host="app.diagrams.net" modified="2023-11-10T10:00:00.000Z" agent="5.0 (Macintosh)" etag="abcdefgh12345" version="21.0.2" type="device">
<diagram id="security_architecture" name="安全架构:OAuth2.0和数据加密">
<mxGraphModel dx="1186" dy="819" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="1169" pageHeight="827" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<!-- 标题 -->
<mxCell id="title" value="安全架构:OAuth2.0 认证与数据加密方案" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontSize=20;fontStyle=1" vertex="1" parent="1">
<mxGeometry x="284.5" y="20" width="600" height="40" as="geometry" />
</mxCell>
<!-- 系统组件 -->
<mxCell id="client" value="客户端应用" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
<mxGeometry x="160" y="200" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="resource_server" value="资源服务器" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
<mxGeometry x="800" y="200" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="auth_server" value="授权服务器" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#ffe6cc;strokeColor=#d79b00;" vertex="1" parent="1">
<mxGeometry x="480" y="120" width="120" height="60" as="geometry" />
</mxCell>
<!-- HTTPS 层 -->
<mxCell id="https_layer" value="HTTPS 安全传输层" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#f5f5f5;strokeColor=#666666;dashed=1;verticalAlign=top;fontColor=#333333;" vertex="1" parent="1">
<mxGeometry x="120" y="320" width="840" height="140" as="geometry" />
</mxCell>
<!-- OAuth 流程 -->
<mxCell id="step1" value="1. 授权请求" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.25;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" edge="1" parent="1" source="client" target="auth_server">
<mxGeometry x="-0.0039" width="50" height="50" relative="1" as="geometry">
<mxPoint x="550" y="370" as="sourcePoint" />
<mxPoint x="600" y="320" as="targetPoint" />
<Array as="points">
<mxPoint x="350" y="150" />
</Array>
<mxPoint as="offset" />
</mxGeometry>
</mxCell>
<mxCell id="step2" value="2. 授权码/令牌" style="endArrow=classic;html=1;rounded=0;exitX=0;exitY=0.75;exitDx=0;exitDy=0;entryX=1;entryY=0.25;entryDx=0;entryDy=0;dashed=1;" edge="1" parent="1" source="auth_server" target="client">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="550" y="370" as="sourcePoint" />
<mxPoint x="600" y="320" as="targetPoint" />
<Array as="points">
<mxPoint x="350" y="180" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="step4" value="4. 返回受保护资源(AES加密数据)" style="endArrow=classic;html=1;rounded=0;exitX=0;exitY=0.75;exitDx=0;exitDy=0;entryX=1;entryY=0.75;entryDx=0;entryDy=0;dashed=1;" edge="1" parent="1" source="resource_server" target="client">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="550" y="370" as="sourcePoint" />
<mxPoint x="600" y="320" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="step3" value="3. 携带访问令牌请求资源" style="endArrow=classic;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" edge="1" parent="1" source="client" target="resource_server">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="550" y="370" as="sourcePoint" />
<mxPoint x="600" y="320" as="targetPoint" />
</mxGeometry>
</mxCell>
<mxCell id="token_validation" value="3.1 验证令牌" style="endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;entryX=1;entryY=0.5;entryDx=0;entryDy=0;" edge="1" parent="1" source="resource_server" target="auth_server">
<mxGeometry width="50" height="50" relative="1" as="geometry">
<mxPoint x="550" y="370" as="sourcePoint" />
<mxPoint x="600" y="320" as="targetPoint" />
<Array as="points">
<mxPoint x="860" y="150" />
</Array>
</mxGeometry>
</mxCell>
<!-- 数据加密详情 -->
<mxCell id="aes_encryption" value="AES 加密业务数据" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" vertex="1" parent="1">
<mxGeometry x="200" y="360" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="ssl_tls" value="SSL/TLS 加密" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" vertex="1" parent="1">
<mxGeometry x="440" y="360" width="120" height="60" as="geometry" />
</mxCell>
<mxCell id="packet_protection" value="防流量劫持和抓包分析" style="rounded=1;whiteSpace=wrap;html=1;fillColor=#fff2cc;strokeColor=#d6b656;" vertex="1" parent="1">
<mxGeometry x="680" y="360" width="120" height="60" as="geometry" />
</mxCell>
<!-- 安全层描述 -->
<mxCell id="security_layers" value="安全防护层次" style="swimlane;fontStyle=0;childLayout=stackLayout;horizontal=1;startSize=30;horizontalStack=0;resizeParent=1;resizeParentMax=0;resizeLast=0;collapsible=1;marginBottom=0;whiteSpace=wrap;html=1;fillColor=#f8cecc;strokeColor=#b85450;" vertex="1" parent="1">
<mxGeometry x="400" y="500" width="280" height="150" as="geometry" />
</mxCell>
<mxCell id="layer1" value="1. OAuth2.0: 身份认证与授权" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" vertex="1" parent="security_layers">
<mxGeometry y="30" width="280" height="30" as="geometry" />
</mxCell>
<mxCell id="layer2" value="2. HTTPS/SSL: 传输层加密" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" vertex="1" parent="security_layers">
<mxGeometry y="60" width="280" height="30" as="geometry" />
</mxCell>
<mxCell id="layer3" value="3. AES: 业务数据加密" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" vertex="1" parent="security_layers">
<mxGeometry y="90" width="280" height="30" as="geometry" />
</mxCell>
<mxCell id="layer4" value="4. 防护: 抵御流量劫持和抓包分析" style="text;strokeColor=none;fillColor=none;align=left;verticalAlign=middle;spacingLeft=4;spacingRight=4;overflow=hidden;points=[[0,0.5],[1,0.5]];portConstraint=eastwest;rotatable=0;whiteSpace=wrap;html=1;" vertex="1" parent="security_layers">
<mxGeometry y="120" width="280" height="30" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>