lemonldap-ng/doc/pages/documentation/current/oauth2handler.html
2019-05-12 16:33:56 +02:00


<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:oauth2handler</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,oauth2handler"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="oauth2handler.html"/>
<link rel="contents" href="oauth2handler.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" />
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:oauth2handler","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="oauth2_handler">OAuth2 Handler</h1>
<div class="level1">
<p>
<img src="documentation/oauth-retina-preview.5ca2e2d7241bbcec7d492df10866fdd3.jpeg" class="mediacenter" alt="" width="200" />
</p>
</div>
<!-- EDIT1 SECTION "OAuth2 Handler" [1-95] -->
<h2 class="sectionedit2" id="presentation">Presentation</h2>
<div class="level2">
<p>
This Handler is able to check an OAuth2 access token to retrieve the user's real session and protect a virtual host like a standard Handler (access control and HTTP header transmission).
</p>
<p>
This requires obtaining an OAuth2 access token through the <abbr title="LemonLDAP::NG">LL::NG</abbr> Portal (OpenID Connect server). This access token can then be used in the <code>Authorization</code> header to authenticate to the Web Service / <abbr title="Application Programming Interface">API</abbr> protected by the OAuth2 Handler.
</p>
<p>
<img src="documentation/oauth2_handler.png" class="mediacenter" alt="" />
</p>
<div class="notetip">In the above diagram, the OpenID Connect process is simplified. How the front application receives the Access Token depends on the requested flow (Authorization code, Implicit or Hybrid). In all cases, the application will have an Access Token and will be able to use it to request a Web Service.
</div>
<p>
Example:
</p>
<pre class="code">curl -H &quot;Authorization: Bearer de853461341e88e9def8fcb9db2a81c4&quot; https://oauth2.example.com/api/test | json_pp</pre>
<pre class="code javascript"><span class="br0">&#123;</span>
check<span class="sy0">:</span> <span class="kw2">true</span><span class="sy0">,</span>
user<span class="sy0">:</span> <span class="st0">&quot;dwho&quot;</span>
<span class="br0">&#125;</span></pre>
</div>
<!-- EDIT2 SECTION "Presentation" [96-1104] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
Protect your virtual host like any other virtual host with the standard Handler.
</p>
<p>
Define access rules and headers. Then in <code>Options</code> &gt; <code>Type</code>, choose <code>OAuth2</code>.
</p>
</div>
<!-- EDIT3 SECTION "Configuration" [1105-] --></div>
</body>
</html>