Zindikirani. transl.: Nkhani yabwinoyi yolembedwa ndi Okta ikufotokoza momwe OAuth ndi OIDC (OpenID Connect) zimagwirira ntchito m'njira yosavuta komanso yomveka bwino. Chidziwitsochi chidzakhala chothandiza kwa omanga, oyang'anira machitidwe, ngakhale "ogwiritsa ntchito nthawi zonse" a mapulogalamu otchuka a intaneti, omwe nthawi zambiri amasinthanitsa zinsinsi ndi ntchito zina.
Mu Stone Age ya intaneti, kugawana zambiri pakati pa mautumiki kunali kosavuta. Munangopereka malowedwe anu ndi mawu achinsinsi kuchokera pautumiki wina kupita ku wina, kotero kuti adalowa muakaunti yanu ndikulandila chilichonse chomwe angafune.
Mwachitsanzo, tiyerekeze kuti mwapeza tsamba lotchedwa "Unlucky Pun of the Day" [Zowopsa Zatsiku] ndipo adaganiza zolembetsa kuti alandire ma puns tsiku lililonse ngati mameseji pafoni. Mwakonda kwambiri tsambali, ndipo mudaganiza zogawana ndi anzanu onse. Kupatula apo, aliyense amakonda ma puns owopsa, sichoncho?
"Zachisoni za tsikuli: Munamva za munthu yemwe adataya theka lakumanzere la thupi lake? Tsopano amakhala wolondola nthawi zonse!β (kutanthauzira pafupifupi, chifukwa choyambiriracho chili ndi mawu ake - pafupifupi transl.)
Zikuwonekeratu kuti kulembera munthu aliyense kuchokera pamndandanda wolumikizana nawo sichosankha. Ndipo, ngati muli ngati ine pang'ono, ndiye kuti mudzayesetsa kupewa ntchito zosafunikira. Mwamwayi, Terrible Pun of the Day imatha kuyitana anzanu onse okha! Kuti muchite izi, mumangofunika kutsegula maimelo omwe mumalumikizana nawo - tsambalo liwatumizira maitanidwe (malamulo a OAuth)!
"Aliyense amakonda masewera! - Mwalowa kale? "Kodi mungakonde kulola tsamba la Terrible Pun of the Day kuti lipeze mndandanda wa omwe mumalumikizana nawo? - Zikomo! Kuyambira pano, tidzatumiza zikumbutso tsiku lililonse kwa aliyense amene mumamudziwa, mpaka kumapeto kwa nthawi! Ndiwe bwenzi lapamtima!"
Sankhani ntchito yanu ya imelo.
Ngati ndi kotheka, pitani patsamba la makalata ndikulowa muakaunti yanu.
Perekani chilolezo cha Terrible Pun of the Day kuti mulumikizane ndi anzanu.
Bwererani ku Malo Owopsa a Pun of the Day.
Mukasintha malingaliro anu, mapulogalamu ogwiritsira ntchito OAuth amaperekanso njira yoletsera mwayi wofikira. Mukangoganiza kuti simukufunanso kugawana zolumikizana ndi Terrible Pun of the Day, mutha kupita patsamba la makalata ndikuchotsa tsamba la pun pamndandanda wamapulogalamu ovomerezeka.
Kuyenda kwa OAuth
Tangodutsa kumene kumatchedwa kuyenda[kuyenda] OAuth. Mu chitsanzo chathu, kuyenda uku kumakhala ndi masitepe owoneka, komanso njira zingapo zosaoneka, zomwe mautumiki awiri amavomereza pa kusinthanitsa kotetezedwa kwa chidziwitso. Chitsanzo cham'mbuyo cha Terrible Pun of the Day chimagwiritsa ntchito njira yodziwika bwino ya OAuth 2.0, yomwe imadziwika kuti "authorization code". ["code code" tuluka].
Seva Yovomerezeka amatenga Zolembaanapempha kasitomala'om, ndikufunsa Mwini Zida'a, ali wokonzeka kupereka kasitomala'kukhala ndi zilolezo zoyenera.
Chidziwitso cha Makasitomala:
ID iyi imagwiritsidwa ntchito kuzindikira kasitomala'a pa Seva Yovomerezeka'e.
Chinsinsi cha Makasitomala:
Ili ndi mawu achinsinsi omwe amadziwika okha kasitomala'u ndi Seva Yovomerezeka'ku. Zimawathandiza kugawana zambiri mwachinsinsi.
Chilolezo chololeza:
Code yosakhalitsa yokhala ndi nthawi yochepa yovomerezeka, yomwe kasitomala amapereka Seva Yovomerezeka'y posinthana Pezani Chizindikiro.
Pezani Chizindikiro:
Mfungulo yomwe kasitomala adzagwiritsa ntchito polumikizana nayo seva zothandizira'om. Mtundu wa baji kapena kiyi khadi yomwe imapereka kasitomala'kukhala ndi chilolezo chopempha deta kapena kuchitapo kanthu seva zothandiziram'malo mwanu.
ndemanga: Nthawi zina Authorization Server ndi Resource Server ndi seva yomweyo. Komabe, nthawi zina, awa akhoza kukhala ma seva osiyana, ngakhale sali a bungwe lomwelo. Mwachitsanzo, Seva Yovomerezeka ikhoza kukhala ntchito ya chipani chachitatu yodalirika ndi Resource Server.
Tsopano popeza tafotokoza mfundo zazikuluzikulu za OAuth 2.0, tiyeni tibwerere ku chitsanzo chathu ndikuwona bwino zomwe zimachitika mumayendedwe a OAuth.
Inu, Mwini Zida, mukufuna kupereka ntchito ya Terrible Pun of the Day (kasitomalay) kupeza omwe mumalumikizana nawo kuti athe kutumiza maitanidwe kwa anzanu onse.
kasitomala imalozeranso msakatuli kutsamba Seva Yovomerezeka'a ndikuphatikizanso mufunso Chidziwitso cha Makasitomala, Londoleranso URI, Mtundu Wamayankho ndi chimodzi kapena zingapo Zolemba (zilolezo) zimafunikira.
Seva Yovomerezeka amakutsimikizirani, ndikufunsani dzina lolowera ndi mawu achinsinsi ngati kuli kofunikira.
Seva Yovomerezeka akuwonetsa fomu Kuvomereza (zitsimikizo) ndi mndandanda wa zonse Zolembaanapempha kasitomala'om. Mukuvomereza kapena kukana.
Seva Yovomerezeka amakulowetsani kumalo kasitomala'a, kugwiritsa Londoleranso URI pamodzi ndi Chilolezo chololeza (kodi chilolezo).
kasitomala amalumikizana mwachindunji ndi Seva Yovomerezeka'ohm (kudutsa msakatuli Mwini Zida'a) ndikutumiza mosatekeseka Chidziwitso cha Makasitomala, Chinsinsi cha Makasitomala ΠΈ Chilolezo chololeza.
Seva Yovomerezeka amayang'ana deta ndikuyankha ndi Pezani Chizindikiro'om (chizindikiro chofikira).
Tsopano kasitomala akhoza kugwiritsa ntchito Pezani Chizindikiro kutumiza pempho kwa seva zothandizira kuti mupeze mndandanda wazolumikizana.
ID ya kasitomala ndi Chinsinsi
Kale musanalole Zoyipa Zowopsa za Tsikuli kuti mulumikizane ndi omwe mumalumikizana nawo, Client and Authorization Server idakhazikitsa ubale wogwira ntchito. Seva Yovomerezeka idapanga ID ya kasitomala ndi Chinsinsi cha kasitomala (nthawi zina amatchedwa ID ID ΠΈ Chinsinsi cha App) ndikuwatumiza kwa Makasitomala kuti azilumikizananso ndi OAuth.
"- Moni! Ndikufuna kugwira nanu ntchito! - Zedi, palibe vuto! Nayi ID yanu Yamakasitomala ndi Chinsinsi!
Dzinali limatanthauza kuti Chinsinsi cha kasitomala chiyenera kusungidwa mwachinsinsi kuti Wothandizira ndi Wopereka Authorization yekha adziwe. Kupatula apo, ndi thandizo lake kuti Authorization Server imatsimikizira zoona za kasitomala.
Koma si zokhazo... Chonde landirani OpenID Connect!
OAuth 2.0 idapangidwira kokha chilolezo - kupereka mwayi wopeza deta ndi ntchito kuchokera ku pulogalamu ina kupita ku ina. OpenID Lumikizani (OIDC) ndi gawo lopyapyala pamwamba pa OAuth 2.0 lomwe limawonjezera zolowera ndi mbiri ya wogwiritsa ntchito yemwe walowa muakaunti. Kukonzekera kwa gawo lolowera nthawi zambiri kumatchedwa kutsimikizika[kutsimikizira], ndi zambiri za wosuta adalowa mudongosolo (ie Mwini Zidandi), - zambiri zanu[chidziwitso]. Ngati Authorization Server imathandizira OIDC, nthawi zina imatchedwa wopereka deta yanu[Identity provider]chifukwa amapereka kasitomala' Dziwani zambiri za Mwini Zida'e.
OpenID Connect imakulolani kuti mugwiritse ntchito zochitika zomwe malowedwe amodzi angagwiritsidwe ntchito pamapulogalamu angapo - njirayi imadziwikanso kuti kusaina kamodzi (SSO). Mwachitsanzo, pulogalamu ikhoza kuthandizira kuphatikiza kwa SSO ndi malo ochezera a pa Intaneti monga Facebook kapena Twitter, kulola ogwiritsa ntchito kugwiritsa ntchito akaunti yomwe ali nayo kale ndipo amakonda kugwiritsa ntchito.
Kuthamanga (kuthamanga) OpenID Connect kumawoneka chimodzimodzi monga momwe zilili ndi OAuth. Kusiyana kokha ndiko kuti mu pempho loyamba, kuchuluka kwapadera komwe kumagwiritsidwa ntchito ndi openid, -A kasitomala pomaliza zimakhala ngati Pezani Chizindikiro, ndi Chizindikiro cha ID.
Monga momwe mukuyenda kwa OAuth, Pezani Chizindikiro mu OpenID Connect, ichi ndi mtengo wina womwe sudziwika bwino kasitomala'ku. Kuchokera pamalingaliro kasitomala'ndi Pezani Chizindikiro imayimira mndandanda wa zilembo zomwe zimaperekedwa pamodzi ndi pempho lililonse seva zothandizira'y, zomwe zimatsimikizira ngati chizindikirocho ndichabwino. Chizindikiro cha ID imayimira chinthu chosiyana kotheratu.
Chizindikiro cha ID ndi JWT
Chizindikiro cha ID ndi mndandanda mwapadera wa zilembo zomwe zimadziwika kuti JSON Web Token kapena JWT (nthawi zina ma tokeni a JWT amatchulidwa ngati "jots"). Kwa owonera akunja, JWT imatha kuwoneka ngati yabodza yosamvetsetseka, koma kasitomala amatha kuchotsa zambiri mu JWT, monga ID, dzina lolowera, nthawi yolowera, tsiku lotha ntchito Chizindikiro cha ID'a, kukhalapo kwa zoyesayesa zosokoneza JWT. Deta mkati Chizindikiro cha ID'a amatchedwa mapulogalamu[mawu].
Pankhani ya OIDC, palinso njira yokhazikika yochitira kasitomala akhoza kupempha zambiri zokhudza munthuyo [chidziwitso] ΠΎΡ Seva Yovomerezeka'a, mwachitsanzo, imelo adilesi yogwiritsa ntchito Pezani Chizindikiro.
Dziwani zambiri za OAuth ndi OIDC
Chifukwa chake, tawonanso mwachidule momwe OAuth ndi OIDC zimagwirira ntchito. Mwakonzeka kukumba mozama? Nazi zowonjezera zomwe zingakuthandizeni kudziwa zambiri za OAuth 2.0 ndi OpenID Connect: