[英]OAuth2 Provider with custom authentication
I am trying to implement a OAuth2 Provider, that authenticates users with a custom login. 我正在尝试实现OAuth2提供程序,该程序使用自定义登录名对用户进行身份验证。 For understanding I looked at the Spring Boot OAuth2 Tutorial .
为了理解,我看了Spring Boot OAuth2教程 。 I don't quite get, how I can implement my own Authentication meachnism to work with the OAuth2 SSO from my Server.
我不太了解如何实现自己的身份验证机制,以与服务器上的OAuth2 SSO一起使用。
I want to add custom authentication mechanisms (like "user has to answer a question for authentication" or "user has to enter id and click button for authentication") instead of the Facebook and Github examples. 我想添加自定义身份验证机制(例如“用户必须回答身份验证问题”或“用户必须输入ID并单击按钮进行身份验证”),而不是Facebook和Github示例。
I read about implementing my own AuthenticationProvider, but I am stuck how to combine all the puzzle parts. 我读过有关实现自己的AuthenticationProvider的信息,但是我对如何组合所有难题部分一无所知。
Let's go one step at a time. 让我们一次走一步。 OAuth is only authz provider so not talk about authentication.
OAuth只是authz提供程序,因此不谈论身份验证。 Now for your usecase specifically, if you want user to be authenticated then OAuth authz code based flow makes sense (You can even go for implicit flow, check rfc 6749).
现在专门针对您的用例,如果您希望对用户进行身份验证,则基于OAuth身份验证代码的流程就很有意义(您甚至可以使用隐式流程,请检查rfc 6749)。 Now how will this work for you.
现在,这将如何为您工作。 I am picking up the implicit flow for simplicity, Authz flow is just extension of it where end client gets a temporary code which it exchanges with Identity Server later to get the access token.
为了简单起见,我选择了隐式流程,Authz流程只是它的扩展,最终客户端获得了一个临时代码,该代码稍后与Identity Server交换以获取访问令牌。 Here are the steps:
步骤如下:
Client App hits the /authorization uri with data as per rfc 6749 客户端应用使用rfc 6749的数据访问/ authorization uri
After validating the submitted data, server forwards user to Login page (or other page for authentication). 验证提交的数据后,服务器会将用户转发到“登录”页面(或用于身份验证的其他页面)。 After authentication, cookie is set in the browser or data is stored in server to mark a user as authenticated.
认证后,在浏览器中设置cookie或将数据存储在服务器中以将用户标记为已认证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.