...
OAuth 2.0 is described in RFC-6749. OAuth 2.0 defines a process for accessing user information from a Resource Server as authorized by the resource owner. In the scope of this document the resource owner is always an end-user. OAuth 2.0 leaves much of the protocol implementation open, so it must be complemented by other specifications. For the implemented use cases, the protocol details are filled in by the OpenID Connect Core 1.0 specification.
The Ubisecure OAuth 2.0 Client is implemented specifically to enable authentication for users of certain social media services, and the protocols are implemented from this standpoint. Not all data interchange formats and protocols are supported for now, so certain resource servers must be parameterized to return information in the currently supported JSON format.
...
Terms and Definitions
TERM | DEFINITION |
---|---|
Client | RFC-6749: An application making protected resource requests on behalf of the resource owner and with its authorization. The term "client" does not imply any particular implementation characteristics (e.g., whether the application executes on a server, a desktop, or other devices). |
Resource Owner | RFC-6749: An entity capable of granting access to a protected resource. When the resource owner is a person, it is referred to as an end-user. |
Resource Server | RFC-6749: The server hosting the protected resources, capable of accepting and responding to protected resource requests using access tokens. |
Authorization Server | RFC-6749: The server issuing access tokens to the client after successfully authenticating the resource owner and obtaining authorization. |
Authorization Endpoint | RFC-6749: Used by the client to obtain authorization from the resource owner via user-agent redirection. |
Token Endpoint | RFC-6749: Used by the client to exchange an authorization grant for an access token, typically with client authentication. |
Redirection Endpoint | RFC-6749: Used by the authorization server to return responses containing authorization credentials to the client via the resource owner user-agent. |
UserInfo Endpoint | OpenID Connect: The UserInfo Endpoint is an OAuth 2.0 Protected Resource that returns Claims about the authenticated End-User. To obtain the requested Claims about the End-User, the Client makes a request to the UserInfo Endpoint using an Access Token obtained through OpenID Connect Authentication. These Claims are represented as a JSON object that contains a collection of name and value pairs for the Claims. |
...