
Difference between OpenID connect and oAuth2 from an oAuth client perspective

Okay, I understand that OpenID Connect is about authentication and oAuth2.0 is about authorization and OpenID Connect is built on top of oAuth2.0. I also understand the difference between these two terms.

I am creating a web app which is also an oAuth2.0 client. A user first needs to sign in to Google in order to use my app. After I receive the access_token, I query the Google API and get all the necessary info about a user. Google uses the OpenID protocol.

AFAIK Facebook uses just oAuth2.0. But the flow is basically the same as it is with Google. So what is the difference here?

The difference is that OpenID Connect standardizes the so-called userinfo endpoint and the claims that are returned from that endpoint. Facebook uses a proprietary endpoint and claims set, therefore Facebook does not conform to OpenID Connect even though both provide a similar login mechanism. Since they both are built on top of OAuth 2.0, Facebook is an OAuth 2.0 protocol with a custom extension and OpenID Connect is an OAuth 2.0 with a standardized extension (or: profile).
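As an added illustration of the answer above (not part of the original post): the client-side consequence is that one mapping function serves every OpenID Connect provider, while a proprietary profile needs its own adapter. The `LocalUser` type, the function names, the issuer labels and both sample payloads are assumptions constructed for this sketch.

```python
from __future__ import annotations
from dataclasses import dataclass

@dataclass(frozen=True)
class LocalUser:
    issuer: str            # who asserted the identity
    subject: str           # stable user id at that issuer
    name: str | None
    email: str | None
    email_verified: bool

def from_oidc_userinfo(issuer: str, claims: dict) -> LocalUser:
    """Works for any OpenID Connect provider: the claim names are standardized."""
    sub = claims.get("sub")
    if not isinstance(sub, str) or not sub:
        raise ValueError("userinfo response lacks the required 'sub' claim")
    # Only a JSON boolean true counts; a string such as "true" is rejected.
    verified = claims.get("email_verified") is True
    return LocalUser(issuer, sub, claims.get("name"), claims.get("email"), verified)

def from_proprietary_profile(issuer: str, profile: dict, id_field: str) -> LocalUser:
    """Provider-specific adapter: field names must be looked up per provider."""
    uid = profile.get(id_field)
    if uid is None or str(uid) == "":
        raise ValueError(f"profile lacks {id_field!r}")
    # No standardized verification claim is assumed here, so the email
    # is treated as unverified.
    return LocalUser(issuer, str(uid), profile.get("name"), profile.get("email"), False)

def account_key(user: LocalUser) -> tuple[str, str]:
    """Key local accounts on (issuer, subject), never on email alone."""
    return (user.issuer, user.subject)

# Constructed sample responses (not captured from any real provider).
OIDC_SAMPLE = {"sub": "1122334455", "name": "Alice Example",
               "email": "alice@example.com", "email_verified": True}
PROPRIETARY_SAMPLE = {"id": "9988776655", "name": "Alice Example",
                      "email": "alice@example.com"}

if __name__ == "__main__":
    a = from_oidc_userinfo("https://accounts.google.com", OIDC_SAMPLE)
    b = from_proprietary_profile("facebook", PROPRIETARY_SAMPLE, id_field="id")
    print(account_key(a), a.email_verified)
    print(account_key(b), b.email_verified)
```

The two samples share an email address but produce different account keys, which is why the email alone should not be used to link or look up local accounts.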
