oAuth
overview
目的:第三方登入
讓其他平台可以透過 AD 登入並取得使用者資訊
USER FLOW
THIRD PARTY SITE
OAUTH BTN
click -> redirect to AD Login Page
AD PLATFORM SITE
click -> popup confirm modal
(check the authorization scope)
Account
Password
Submit
scope
authorize third party site
confirm
click -> popup confirm modal
(check the authorization scope)
AD PLATFORM SITE
click -> popup confirm modal
(check the authorization scope)
Account
Password
Submit
scope
authorize third party site
confirm
click -> popup confirm modal
(check the authorization scope)
click -> redirect to third party site
and get user information
Inplement
AV
client
AD
AV
server
click -> with callback URL
accessToken(JWT)
request with Client Id/ Client Secret
Whitelist?
AV
client
AD
AV
server
click -> with callback URL/clientId
grandcode
request with grandcode/client secret
accessToken(JWT)
AD
THIRD PARTY
AD
THIRD PARTY
(A) request -> payload: callbackURL(THIRD PARTY SITE)
(B)
- login
- generate grandCode (Save with User Id )
- redirect to callback URL with grandCode
Oauth
By Jay Chou
Oauth
- 186