OpenID from EN to CN
LSZ
parent
1ffaa00618
commit
708453ce15
|
|
@ -928,7 +928,8 @@
|
||||||
OpenID Connect在OAuth 2.0授权流程的基础上,扩展实现了认证功能.
|
OpenID Connect在OAuth 2.0授权流程的基础上,扩展实现了认证功能.
|
||||||
在客户端(Clients)发起授权请求时扩展了请求的范围(scope)值包含<tt>openid</tt>.
|
在客户端(Clients)发起授权请求时扩展了请求的范围(scope)值包含<tt>openid</tt>.
|
||||||
认证执行返回的信息是一个<a class="info" href="#JWT">JSON Web Token
|
认证执行返回的信息是一个<a class="info" href="#JWT">JSON Web Token
|
||||||
(JWT)<span> (</span><span class="info">Jones, M., Bradley, J., and N. Sakimura, “JSON Web Token (JWT),” 2014年7月.</span><span>)</span></a>
|
(JWT)<span> (</span><span
|
||||||
|
class="info">Jones, M., Bradley, J., and N. Sakimura, “JSON Web Token (JWT),” 2014年7月.</span><span>)</span></a>
|
||||||
[JWT]
|
[JWT]
|
||||||
名叫 ID Token (详见 <a class="info" href="#IDToken">第2节<span> (</span><span
|
名叫 ID Token (详见 <a class="info" href="#IDToken">第2节<span> (</span><span
|
||||||
class="info">ID Token</span><span>)</span></a>).
|
class="info">ID Token</span><span>)</span></a>).
|
||||||
|
|
@ -1864,7 +1865,8 @@
|
||||||
<table border="0" cellpadding="0" cellspacing="2" align="center">
|
<table border="0" cellpadding="0" cellspacing="2" align="center">
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr>
|
<tr>
|
||||||
<td align="center"><font face="monaco, MS Sans Serif" size="1"><b> OpenID Connect "response_type" 值 </b></font><br>
|
<td align="center"><font face="monaco, MS Sans Serif" size="1"><b> OpenID Connect "response_type"
|
||||||
|
值 </b></font><br>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
</tbody>
|
</tbody>
|
||||||
|
|
@ -1933,33 +1935,36 @@
|
||||||
<h3>3.1.1.
|
<h3>3.1.1.
|
||||||
授权码(Authorization Code)认证流程步骤</h3>
|
授权码(Authorization Code)认证流程步骤</h3>
|
||||||
|
|
||||||
<p>The Authorization Code Flow goes through the following
|
<p>
|
||||||
steps.
|
授权码(Authorization Code)认证流程步骤如下.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
</p>
|
</p>
|
||||||
<ol class="text">
|
<ol class="text">
|
||||||
<li>Client prepares an Authentication Request containing the desired
|
<li>
|
||||||
request parameters.
|
客户端(Client)准备一个包括所需请求参数的认证请求(Authentication Request).
|
||||||
</li>
|
</li>
|
||||||
<li>Client sends the request to the Authorization Server.
|
<li>
|
||||||
|
客户端(Client)发送该请求给授权服务器(Authorization Server).
|
||||||
</li>
|
</li>
|
||||||
<li>Authorization Server Authenticates the End-User.
|
<li>
|
||||||
|
授权服务器(Authorization Server)认证(Authenticates)最终用户(End-User).
|
||||||
</li>
|
</li>
|
||||||
<li>Authorization Server obtains End-User Consent/Authorization.
|
<li>
|
||||||
|
授权服务器(Authorization Server)获取最终用户(End-User)的同意/授权.
|
||||||
</li>
|
</li>
|
||||||
<li>Authorization Server sends the End-User back to the Client with
|
<li>
|
||||||
an Authorization Code.
|
授权服务器(Authorization Server)发送一个最终用户(End-User)的授权码(Authorization Code)给客户端(Client).
|
||||||
</li>
|
</li>
|
||||||
<li>Client requests a response using the Authorization Code at the
|
<li>
|
||||||
Token Endpoint.
|
客户端(Client)使用授权码(Authorization Code)向Token Endpoint发送请求并获取响应.
|
||||||
</li>
|
</li>
|
||||||
<li>Client receives a response that contains an ID Token
|
<li>
|
||||||
and Access Token in the response body.
|
客户端(Client)从响应的响应体中获取一个ID Token与Access Token.
|
||||||
</li>
|
</li>
|
||||||
<li>Client validates the ID token and retrieves the End-User's
|
<li>
|
||||||
Subject Identifier.
|
客户端(Client)校验ID令牌(ID token)并取回最终用户(End-User)的主体标识符(Subject Identifier).
|
||||||
</li>
|
</li>
|
||||||
</ol>
|
</ol>
|
||||||
<p>
|
<p>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue