OpenID Protocol Explained

8,591 views
8,324 views

Published on

A description about how the OpenID protocol works in about 7 minutes

Published in: Technology, Design
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
8,591
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
22
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

OpenID Protocol Explained

  1. 1. This is the person who desires to access a web site. Person has: Name: ID: This is the browser he is using to access the web. Alex http://alex.provider.com/ Browser (User-Agent) This address represents Alex This is site that the user really want to access. For this example he wants to access his bank called “Big Bank”. Desired Site (OpenID Consumer) (Relying Party) http://bigbank.com/ Identity Page OpenID Provider http://provider.com/ This is site that is going to prove that Alex is really Alex.
  2. 2. Me! Alex Allentown Browser (User-Agent) http://alex.provider.com/ Identity Page
  3. 3. I will log In ONCE UserName: aallen321 Password: ************** LOGIN Browser (User-Agent) http://alex.provider.com/ Identity Page OpenID Provider
  4. 4. OK! OK, You are logged in to the OpenID service. Browser (User-Agent) http://alex.provider.com/ Identity Page OpenID Provider
  5. 5. Need to access the bank. Big Bank Enter your OpenID: http://alex.provider.com LOGIN Browser (User-Agent) http://bigbank.com/ Desired Site (OpenID Consumer) (Relying Party) Identity Page OpenID Provider
  6. 6. I clicked “Login” Headers: openid.server = http://provider.com/a.cgi openid.delegate = http://provider.com/a.cgi Browser (User-Agent) http://bigbank.com/ Desired Site Identity Page (OpenID Consumer) (Relying Party) http://alex.provider.com/
  7. 7. I am waiting Parameters: openid.mode = checkid_setup openid.identity = http://alex.provider.com/ openid.return_to = http://bigbank.com/... Browser (User-Agent) Send redirect http://provider.com/a.cgi Desired Site (OpenID Consumer) (Relying Party) OpenID Provider
  8. 8. I am waiting Additional Parameters: openid.mode = id_res openid.identity = http://alex.provider.com/ openid.return_to = http://bigbank.com/... openid.signed = mode,identity,return_to openid.assoc_handle = XXXXX openid.sig = YYYYY Browser (User-Agent) http://bigbank.com/... Send redirect Desired Site (OpenID Consumer) (Relying Party) OpenID Provider
  9. 9. I am waiting Same parameters as request except openid.mode = check_authentication Response in body: is_valid:true Browser (User-Agent) Desired Site (OpenID Consumer) (Relying Party) OpenID Provider
  10. 10. OK! Now I can get things done. Big Bank You are logged in! What would you like to do? Browser (User-Agent) Finally … generate page for display Desired Site (OpenID Consumer) (Relying Party) Identity Page OpenID Provider

×