Single Sign On (SSO) - workflow

Don Boots

I am looking to implement SSO in all my future PHP/Angular applications. I see there are services (Auth0, oauth.io, etc.) that are sort of the middleman of an SSO app, and there are protocols such as OAuth 1.0/2.0, but in regard to creating a custom SSO solution (using the aforementioned OAuth protocols, I assume), I am a little foggy on the complete flow of the process.

What I do get:

  • App gets Access Token
  • (optional) App validates Access Token
  • App (with Access Token) gets access to a particular API and returns result. For example, Facebook profile information.

What I don't get:

What to do with that information once I have it. Do I retain the access token and request information from the API source each time they log in? How do I relate my own application data to the API data? Would I create a different kind of user record that just contains the access token and application's userid?

Parris Varney

> Do I retain the access token and request information from the API source each time they log in?

If the token does not expire, you can hold on to it in a data store and use it with each request. Many times, though, the token will expire, and you need to request a new one each time you start a session. In this case you'd probably store the token in memory instead of a permanent storage location.

> How do I relate my own application data to the API data?

I think we'd need to know a little more about your application to answer this question.

> Would I create a different kind of user record that just contains the access token and application's userid?

Again, we'd probably need a little more information about your application. If you were persisting the token (in the case that it doesn't expire), then you need to make some considerations about how you want to store it. If not, you can probably just put it into a local variable or session.
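
One way to model the points discussed above, as an added example that is not part of the original question or answer: the local user is linked to the provider's stable user id rather than to the access token, and an expiring token is kept only in the session with its expiry time. The table layout, function names, the `facebook` provider label and the `id`/`name` profile fields are assumptions made for illustration.

```php
<?php
// Hypothetical schema and names; $session stands in for $_SESSION, $profile for the provider API response.
function openStore(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, display_name TEXT)');
    $db->exec('CREATE TABLE external_identities (
        provider TEXT NOT NULL, subject TEXT NOT NULL,
        user_id INTEGER NOT NULL REFERENCES users(id),
        PRIMARY KEY (provider, subject))');
    return $db;
}

// Link on the provider's stable user id, never on the access token, which changes.
function findOrCreateUser(PDO $db, string $provider, array $profile): int {
    $q = $db->prepare('SELECT user_id FROM external_identities WHERE provider = ? AND subject = ?');
    $q->execute([$provider, $profile['id']]);
    $userId = $q->fetchColumn();
    if ($userId !== false) {
        return (int) $userId;               // returning user
    }
    $db->beginTransaction();                // first login: create both rows together
    $db->prepare('INSERT INTO users (display_name) VALUES (?)')->execute([$profile['name']]);
    $userId = (int) $db->lastInsertId();
    $db->prepare('INSERT INTO external_identities (provider, subject, user_id) VALUES (?, ?, ?)')
       ->execute([$provider, $profile['id'], $userId]);
    $db->commit();
    return $userId;
}

// An expiring token lives only in the session, next to its expiry time.
function rememberToken(array &$session, int $userId, string $token, int $expiresIn, int $now): void {
    $session = ['user_id' => $userId, 'access_token' => $token, 'token_expires_at' => $now + $expiresIn] + $session;
}
// Returns the token while it is still valid, or null when a new one must be requested.
function usableToken(array $session, int $now): ?string {
    $valid = isset($session['access_token'], $session['token_expires_at'])
        && $now < $session['token_expires_at'];
    return $valid ? $session['access_token'] : null;
}

// Constructed sample data: two logins by the same provider account.
$db = openStore();
$session = [];
$profile = ['id' => '1234567890', 'name' => 'Example User'];
$first = findOrCreateUser($db, 'facebook', $profile);
rememberToken($session, $first, 'constructed-token-value', 3600, time());
var_dump($first === findOrCreateUser($db, 'facebook', $profile));
var_dump(usableToken($session, time() + 7200));
```

Application data then references `users.id`, so it survives token rotation and can later be linked to more than one provider.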
