Changes for page 2. Authenticating with your OIDC client and fetch collab user info
Last modified by messines on 2021/06/08 17:32
Summary
-
Page properties (1 modified, 0 added, 0 removed)
-
Attachments (0 modified, 0 added, 1 removed)
Details
- Page properties
-
- Content
-
... ... @@ -6,54 +6,5 @@ 6 6 7 7 The client is confidential with a secret, you obtain it throught the registering oidc client tutorial above. 8 8 9 -[[image:Screenshot 2020-07-15 at 17.47.12.png]] 10 10 11 - 12 -The whole authentication flow presented here is based on the official OAuth2 rfc describe in the section 4.1 13 - 14 -[[https:~~/~~/tools.ietf.org/html/rfc6749#section-4.1>>https://tools.ietf.org/html/rfc6749#section-4.1]] 15 - 16 -== Authentication flow == 17 - 18 -=== Authorization Code Grant === 19 - 20 -==== Request ==== 21 - 22 -/GET on [[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth >>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth]] 23 - 24 -with query parameters 25 - 26 -* response_type=code 27 -* client_id=community-apps-tutorial 28 -* redirect_uri=[[https:~~/~~/www.getpostman.com/oauth2/callback>>https://www.getpostman.com/oauth2/callback]] 29 -* login=true 30 -* scope=openid+group+team 31 - 32 -so 33 - 34 -[[https:~~/~~/iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth?response_type=code&client_id=community-apps-tutorial&redirect_uri=https:~~/~~/www.getpostman.com/oauth2/callback&login=true&scope=openid+group+team>>https://iam.ebrains.eu/auth/realms/hbp/protocol/openid-connect/auth?response_type=code&client_id=community-apps-tutorial&redirect_uri=https://www.getpostman.com/oauth2/callback&login=true&scope=openid+group+team]] 35 - 36 -Of course replace **client_id** and **redirect_uri** with your own configuration 37 - 38 -This will redirect you to the login page of **iam **where your user must enter they username/password 39 - 40 -==== Scope ==== 41 - 42 -In the request you can see a scope **parameter** 43 - 44 -* **openid : **This scope is required in oidc, it contains basic information of the user such as it username, email and full name. 45 -* **group **( optional ) **:** 46 - 47 -==== Response ==== 48 - 49 -After the loggin, you got a 301 redirection and 200 success http response with a **code** inside 50 - 51 -[[https:~~/~~/www.getpostman.com/oauth2/callback?session_state=a0ff8a68-2654-43ef-977a-6c15ce343546&code=f3f04f93-hbp-482d-ac3d-demo.turtorial.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7>>https://www.getpostman.com/oauth2/callback?session_state=a0ff8a68-2654-43ef-977a-6c15ce598886&code=f3f04f93-b98d-482d-ac3d-414cead54de0.a0ff8a68-2654-43ef-977a-6c15ce598886.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7]] 52 - 53 -(% class="box infomessage" %) 54 -((( 55 -the code is very important for the next step here the code is //f3f04f93-hbp-482d-ac3d-demo.turtorial.7122c1d9-3f7e-4d80-9c4f-dcd244bc2ec7// 56 -))) 57 - 58 - 59 59
- Screenshot 2020-07-15 at 17.47.12.png
-
- Author
-
... ... @@ -1,1 +1,0 @@ 1 -XWiki.messines - Size
-
... ... @@ -1,1 +1,0 @@ 1 -184.0 KB - Content