码迷,mamicode.com
首页 > 其他好文 > 详细

oidc hybrid flow

时间:2019-11-20 23:46:38      阅读:87      评论:0      收藏:0      [点我收藏+]

标签:when   step   serve   red   ecif   def   ecs   stat   lob   

3.3.1. Hybrid Flow Steps
The Hybrid Flow follows the following steps:

Client prepares an Authentication Request containing the desired request parameters.
Client sends the request to the Authorization Server.
Authorization Server Authenticates the End-User.
Authorization Server obtains End-User Consent/Authorization.
Authorization Server sends the End-User back to the Client with an Authorization Code and, depending on the Response Type, one or more additional parameters.
Client requests a response using the Authorization Code at the Token Endpoint.
Client receives a response that contains an ID Token and Access Token in the response body.
Client validates the ID Token and retrieves the End-User‘s Subject Identifier.

3.2.1. Implicit Flow Steps
The Implicit Flow follows the following steps:

Client prepares an Authentication Request containing the desired request parameters.
Client sends the request to the Authorization Server.
Authorization Server Authenticates the End-User.
Authorization Server obtains End-User Consent/Authorization.
Authorization Server sends the End-User back to the Client with an ID Token and, if requested, an Access Token.
Client validates the ID token and retrieves the End-User‘s Subject Identifier.

3.3.2.5. Successful Authentication Response
When using the Hybrid Flow, Authentication Responses are made in the same manner as for the Implicit Flow, as defined in Section 3.2.2.5, with the exception of the differences specified in this section.

These Authorization Endpoint results are used in the following manner:

access_token
OAuth 2.0 Access Token. This is returned when the response_type value used is code token, or code id_token token. (A token_type value is also returned in the same cases.)
id_token
ID Token. This is returned when the response_type value used is code id_token or code id_token token.
code
Authorization Code. This is always returned when using the Hybrid Flow.
The following is a non-normative example of a successful response using the Hybrid Flow (with line wraps for the display purposes only):

  HTTP/1.1 302 Found
  Location: https://client.example.org/cb#
    code=SplxlOBeZQQYbYS6WxSbIA
    &id_token=eyJ0 ... NiJ9.eyJ1c ... I6IjIifX0.DeWt4Qu ... ZXso
    &state=af0ifjsldkj

https://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowSteps
https://openid.net/specs/openid-connect-core-1_0.html#HybridFlowSteps
https://www.cnblogs.com/stulzq/p/7833480.html

oidc hybrid flow

标签:when   step   serve   red   ecif   def   ecs   stat   lob   

原文地址:https://www.cnblogs.com/wswind/p/11901789.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!