OAuth 2.0 Cov yog tus qauv kev ruaj ntseg uas tso cai rau ib daim ntawv thov kom tau txais kev tso cai nkag mus rau cov ntaub ntawv hauv lwm daim ntawv thov. Ib ntus ntawm cov kauj ruam rau kev muab daim ntawv tso cai [tso cai] (los yog kev tso cai[kev pom zoo]) feem ntau hu kev tso cai[kev tso cai] los sis txawm tso cai tso cai[kev tso cai delegated]. Nrog rau tus qauv no, koj tso cai rau ib daim ntawv thov nyeem cov ntaub ntawv lossis siv cov haujlwm ntawm lwm daim ntawv thov rau koj yam tsis tau muab koj tus password rau nws. Chav kawm!
Ua piv txwv, cia peb hais tias koj nrhiav tau ib qhov chaw hu ua "Unlucky Pun of the Day" [Thiab Pun ntawm Hnub] thiab txiav txim siab sau npe rau nws thiaj li yuav tau txais cov ntawv sau txhua hnub hauv daim ntawv ntawm cov ntawv hauv xov tooj. Koj yeej nyiam qhov chaw, thiab koj txiav txim siab los qhia rau tag nrho koj cov phooj ywg. Tom qab tag nrho, txhua leej txhua tus nyiam creepy puns, txoj cai?
"Pun hmoov tsis zoo ntawm lub hnub: hnov ββtxog tus txiv leej tub uas poob sab laug ib nrab ntawm nws lub cev? Tam sim no nws yeej ib txwm yog!β (kwv yees txhais, vim hais tias tus thawj muaj nws tus kheej pun - approx. transl.)
Nws yog qhov tseeb tias kev sau ntawv rau txhua tus neeg los ntawm cov npe hu tsis yog ib qho kev xaiv. Thiab, yog tias koj txawm me ntsis zoo li kuv, ces koj yuav mus rau txhua qhov ntev kom tsis txhob ua haujlwm tsis tsim nyog. Hmoov zoo, Terrible Pun of the Day tuaj yeem caw tag nrho koj cov phooj ywg los ntawm nws tus kheej! Txhawm rau ua qhov no, koj tsuas yog yuav tsum qhib kev nkag mus rau koj tus email chaw nyob - lub xaib nws tus kheej yuav xa lawv cov ntawv caw (OAuth cov cai)!
βTxhua tus nyiam puns! - Twb tau nkag rau hauv? βKoj puas xav tso cai rau lub vev xaib txaus ntshai Pun of the Day nkag mus rau koj cov npe hu? - Ua tsaug! Txij ntawm no mus, peb yuav xa cov lus ceeb toom txhua hnub rau txhua tus neeg koj paub, txog thaum kawg! Koj yog phooj ywg zoo tshaj!"
Xaiv koj qhov kev pabcuam email.
Yog tias tsim nyog, mus rau qhov chaw xa ntawv thiab kos npe rau hauv koj tus account.
Muab kev tso cai txaus ntshai Pun of the Day nkag mus rau koj cov neeg.
Tus yuam sij uas tus neeg siv yuav siv los sib txuas lus nrog cov ntaub ntawv server'om. Ib hom ntawv cim lossis daim npav tseem ceeb uas muab Client'muaj kev tso cai thov cov ntaub ntawv lossis ua haujlwm rau cov ntaub ntawv server'e rau koj.
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: Qee lub sij hawm Kev Tso Cai Server thiab Resource Server yog tib lub server. Txawm li cas los xij, qee zaum, cov no yuav yog cov servers sib txawv, txawm tias lawv tsis koom nrog tib lub koom haum. Piv txwv li, Kev Tso Cai Server tuaj yeem yog qhov kev pabcuam thib peb uas ntseeg tau los ntawm Lub Chaw Pabcuam Kev Pabcuam.
Tam sim no peb tau hais txog cov ntsiab lus tseem ceeb ntawm OAuth 2.0, cia peb rov qab mus rau peb qhov piv txwv thiab ua tib zoo saib seb qhov tshwm sim hauv OAuth ntws.
Koj, Cov tswv cuab, koj xav muab qhov txaus ntshai Pun ntawm hnub kev pabcuam (Clienty) nkag mus rau koj cov neeg sib cuag kom lawv tuaj yeem xa cov ntawv caw rau tag nrho koj cov phooj ywg.
Client redirects tus browser mus rau nplooj ntawv Kev Tso Cai Server'a thiab suav nrog hauv cov lus nug Neeg ID, Redirect URI, teb hom thiab ib lossis ntau dua Ntws (kev tso cai) nws xav tau.
Kev Tso Cai Server txheeb xyuas koj, nug tus username thiab password yog tias tsim nyog.
Kev Tso Cai Server qhia ib daim ntawv Kev tso cai (confirmations) nrog ib daim ntawv teev tag nrho Ntwsthov Client'om. Koj pom zoo lossis tsis kam.
Kev Tso Cai Server redirects koj mus rau lub site Client'a, siv Redirect URI ua ke nrog Ntawv Tso Cai (kev tso cai code).
Kev Tso Cai Server xyuas cov ntaub ntawv thiab teb nrog Kev Siv Token'om (access token).
Tam sim no Client siv tau Kev Siv Token xa ib daim ntawv thov rau cov ntaub ntawv server kom tau ib daim ntawv teev npe hu.
Client ID thiab zais cia
Ntev ua ntej koj tso cai txaus ntshai Pun ntawm Hnub kom nkag mus rau koj cov neeg sib cuag, Cov Neeg Siv Khoom thiab Cov Ntawv Tso Cai tau tsim muaj kev sib raug zoo ua haujlwm. Kev Tso Cai Server tau tsim cov Client ID thiab Client Secret (qee zaum hu ua ID daim ntawv thov ΠΈ App zais cia) thiab xa lawv mus rau Client rau kev sib cuam tshuam ntxiv hauv OAuth.
"- Nyob zoo! Kuv xav ua haujlwm nrog koj! - Tseeb, tsis muaj teeb meem! Nov yog koj tus Client ID thiab zais cia!β
Lub npe qhia tias Client Secret yuav tsum tau khaws cia zais cia kom tsuas yog Client thiab Authorization Server paub nws. Tom qab tag nrho, nws yog nrog nws cov kev pab uas tso cai Server lees paub qhov tseeb ntawm tus neeg siv khoom.
Tab sis tsis yog tag nrho... Thov txais tos OpenID Txuas!
OAuth 2.0 tsuas yog tsim los rau kev tso cai - muab kev nkag mus rau cov ntaub ntawv thiab kev ua haujlwm ntawm ib daim ntawv thov mus rau lwm qhov. OpenID Txuas (ODC) yog txheej nyias nyias nyob rau sab saum toj ntawm OAuth 2.0 uas ntxiv tus ID nkag mus thiab cov ntsiab lus ntawm tus neeg siv uas tau kos npe rau hauv tus account. Lub koom haum ntawm kev sib ntsib tus ID nkag mus feem ntau hu ua kev lees paub[authentication], thiab cov ntaub ntawv hais txog tus neeg siv nkag mus rau hauv qhov system (piv txwv li hais txog Cov tswv cuab'e), β tus kheej cov ntaub ntawv[Identity]. Yog tias Kev Tso Cai Server txhawb ODDC, qee zaum nws raug hu ua muab cov ntaub ntawv tus kheej[Identity provider]vim nws muab Client'muaj ntaub ntawv hais txog Cov tswv cuab'e.
OpenID Connect tso cai rau koj los siv cov xwm txheej uas ib tus ID nkag mus siv tau rau hauv ntau daim ntawv thov - txoj hauv kev no tseem hu ua ib leeg kos npe rau (SSO). Piv txwv li, ib daim ntawv thov yuav txhawb nqa SSO kev koom ua ke nrog kev sib raug zoo xws li Facebook lossis Twitter, tso cai rau cov neeg siv siv tus account uas lawv twb muaj thiab nyiam siv.
Qhov ntws (ntws) OpenID Connect zoo ib yam li hauv rooj plaub ntawm OAuth. Qhov sib txawv tsuas yog nyob rau hauv thawj qhov kev thov, qhov tshwj xeeb siv yog openid, -A Client nws thiaj li tau zoo li Kev Siv Token, thiab ID Token.