Recommended
Recommended
More Related Content
Viewers also liked
Viewers also liked (19)
More from Keith Swenson
More from Keith Swenson (19)
Recently uploaded
Recently uploaded (20)
OpenID Protocol Explained
- 1. This is the person who desires to access a web site. Person has: Name: ID: This is the browser he is using to access the web. Alex http://alex.provider.com/ Browser (User-Agent) This address represents Alex This is site that the user really want to access. For this example he wants to access his bank called “Big Bank”. Desired Site (OpenID Consumer) (Relying Party) http://bigbank.com/ Identity Page OpenID Provider http://provider.com/ This is site that is going to prove that Alex is really Alex.
- 3. I will log In ONCE UserName: aallen321 Password: ************** LOGIN Browser (User-Agent) http://alex.provider.com/ Identity Page OpenID Provider
- 4. OK! OK, You are logged in to the OpenID service. Browser (User-Agent) http://alex.provider.com/ Identity Page OpenID Provider
- 5. Need to access the bank. Big Bank Enter your OpenID: http://alex.provider.com LOGIN Browser (User-Agent) http://bigbank.com/ Desired Site (OpenID Consumer) (Relying Party) Identity Page OpenID Provider
- 6. I clicked “Login” Headers: openid.server = http://provider.com/a.cgi openid.delegate = http://provider.com/a.cgi Browser (User-Agent) http://bigbank.com/ Desired Site Identity Page (OpenID Consumer) (Relying Party) http://alex.provider.com/
- 7. I am waiting Parameters: openid.mode = checkid_setup openid.identity = http://alex.provider.com/ openid.return_to = http://bigbank.com/... Browser (User-Agent) Send redirect http://provider.com/a.cgi Desired Site (OpenID Consumer) (Relying Party) OpenID Provider
- 8. I am waiting Additional Parameters: openid.mode = id_res openid.identity = http://alex.provider.com/ openid.return_to = http://bigbank.com/... openid.signed = mode,identity,return_to openid.assoc_handle = XXXXX openid.sig = YYYYY Browser (User-Agent) http://bigbank.com/... Send redirect Desired Site (OpenID Consumer) (Relying Party) OpenID Provider
- 9. I am waiting Same parameters as request except openid.mode = check_authentication Response in body: is_valid:true Browser (User-Agent) Desired Site (OpenID Consumer) (Relying Party) OpenID Provider
- 10. OK! Now I can get things done. Big Bank You are logged in! What would you like to do? Browser (User-Agent) Finally … generate page for display Desired Site (OpenID Consumer) (Relying Party) Identity Page OpenID Provider