- Communication with the Authorization Endpoint MUST utilize TLS. - See Section 16.17 (TLS Requirements) for more information on using TLS. + class="info">TLS的必要性) 获取更多使用TLS的信息.
- An Authentication Request is - an OAuth 2.0 Authorization Request that requests that the End-User - be authenticated by the Authorization Server. + 一个认证请求(Authentication Request)是一个最终用户(End-User) + 被授权服务器(Authorization Server)进行认证的 + OAuth 2.0的授权请求(Authorization Request).
-Authorization Servers MUST support the use of the HTTP GET and - POST methods defined in + 授权服务器(Authorization Servers)必须(MUST)支持使用 HTTP定义的 GET 与 + POST 请求方式 RFC - 2616 (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “Hypertext Transfer Protocol -- HTTP/1.1,” June 1999.) - [RFC2616] at the - Authorization Endpoint. - Clients MAY use the HTTP GET or - POST methods to send the - Authorization Request to the Authorization Server. If using the HTTP - GET method, the request parameters are serialized using - URI Query String Serialization, per (Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, “超文本传输协议 -- HTTP/1.1,” June 1999.) + [RFC2616] 在授权端点(Authorization Endpoint). + 客户端(Clients)可以(MAY)使用HTTP的 GET 或 + POST 请求方式发送授权请求(Authorization Request) + 到授权服务器(Authorization Server). 如果使用 HTTP的 + GET 请求方式, 则请求参数使用 + 查询字符(Query String)序列化, 参照 Section 13.1 (Query String Serialization). - If using the HTTP POST - method, the request parameters are serialized using - Form Serialization, per Query String Serialization) 进行序列化. + 如果使用 HTTP的 POST + 请求方式, 则请求参数使用 + 表单(Form)序列化, 参照 Section 13.2 (Form Serialization). + class="info">Form Serialization) 进行序列化.
- OpenID Connect uses the following OAuth 2.0 request parameters with - the Authorization Code Flow: + 在授权码(Authorization Code)流程中, OpenID Connect使用了OAuth 2.0协议中的请求参数如下:
@@ -2128,11 +2127,10 @@- OpenID Connect also uses the following OAuth 2.0 request parameter, - which is defined in + OpenID Connect也使用了OAuth2.0协议中定义在 OAuth 2.0 Multiple Response Type Encoding Practices (de Medeiros, B., Ed., Scurtescu, M., Tarjan, P., and M. Jones, “OAuth 2.0 Multiple Response Type Encoding Practices,” February 2014.) - [OAuth.Responses]: + [OAuth.Responses] 中的以下请求参数:
@@ -2158,7 +2156,7 @@- This specification also defines the following request parameters: + 本协议也定义了以下的请求参数:
@@ -2422,8 +2420,8 @@- Other parameters MAY be sent. - See Sections 3.2.2 (Authorization Endpoint), 3.3.2 (5.5 (Requesting Claims using the "claims" Request Parameter), 6 (Passing Request Parameters as JWTs), and + class="info">Passing Request Parameters as JWTs), 与 7.2.1 (Providing Information with the "registration" Request Parameter) - for additional Authorization Request parameters and parameter values - defined by this specification. + 获取更多在本协议中定义的可用于授权请求(Authorization Request)时的参数与参数值.
- The following is a non-normative example - HTTP 302 redirect response by the Client, which triggers - the User Agent to make an Authentication Request - to the Authorization Endpoint - (with line wraps within values for display purposes only): + 下面是一个使用HTTP 302重定向响应到 + 客户端(Client)的非规范性(non-normative)的示例, + 这将在用户代理(User Agent)发送一个认证请求(Authentication Request) + 到授权端点(Authorization Endpoint)时触发 + (仅为了更好的显示使用了换行):
@@ -2462,10 +2459,10 @@- The following is the non-normative example request - that would be sent by the User Agent to the Authorization Server - in response to the HTTP 302 redirect response by the Client above - (with line wraps within values for display purposes only): + 下面是一个非规范性(non-normative)的请求示例, + 在授权服务器(Authorization Server)响应HTTP 302重定向响应给客户端(Client)之前 + 用户代理(User Agent)发送的请求 + (仅为了更好的显示使用了换行):