` 有来 Spring Security OAuth2 密码模式
@startuml
'https://plantuml.com/sequence-diagram
skinparam backgroundColor #EEEBDC
skinparam handwritten true

header 有来 Spring Security OAuth2 密码模式

actor 客户端

客户端 -> AuthController: 密码模式 \n /oauth/token?gran_type=password
AuthController -> TokenEndpoint: postAccessToken()
TokenEndpoint -> CompositeTokenGranter: this.getTokenGranter().grant()
CompositeTokenGranter->ResourceOwnerPasswordTokenGranter:grant( grantType, tokenRequest )\n根据 grant_type 匹配 Granter
note over of AuthenticationManagerDelegator #aqua
WebSecurityConfigurerAdapter 内部类
end note
ResourceOwnerPasswordTokenGranter-> AuthenticationManagerDelegator:this.authenticationManager.authenticate()
AuthenticationManagerDelegator -> ProviderManager: this.delegate.authenticate()


ProviderManager -> ProviderManager: 匹配支持\nUsernamePasswordAuthenticationToken\n的Provider
activate ProviderManager
ProviderManager -> DaoAuthenticationProvider: provider.authenticate(authentication)
deactivate ProviderManager
DaoAuthenticationProvider -> DaoAuthenticationProvider:authenticate()\n密码判读
ProviderManager <-- DaoAuthenticationProvider: Authentication
AuthenticationManagerDelegator <-- ProviderManager: Authentication
ResourceOwnerPasswordTokenGranter <-- AuthenticationManagerDelegator: OAuth2Authentication
CompositeTokenGranter <-- ResourceOwnerPasswordTokenGranter: OAuth2AccessToken
TokenEndpoint <-- CompositeTokenGranter:OAuth2AccessToken
AuthController <-- TokenEndpoint:OAuth2AccessToken
客户端 <-- AuthController: OAuth2AccessToken
@enduml