single sign on with oauth and openid

Jérôme Gasperi

Single Sign On with OAuth and OpenID

WGISS-36ESA/ESRIN - Frascati, Italy - September 19th, 2013

OpenID is an open standard for authentication. Model is based on confidence links between Service Providers and Authentication Providers (i.e. OpenID providers) to achieve Single Sign On authentication

OAuth is an open standard for authorization.It provides a method for clients to access server resources on behalf of a resource owner

etc...

ExperimentFilter access to Kalideos (i.e. SPOT) data through a secured WMS server using OpenID Connect (i.e. OpenID over OAuth)

Kalideos Server

Identity Server

WMS Server

1. Ask for authentication

2. Redirect to Identity Server

5. Send OAuth token

6. Get user informationusing OAuth token

10. Return user information

9. Send OAuth token forvalidation and get userinformation

3. Authentication with OAuth(OpenID Connect)

4. Return OAuth token

8. Send OAuth token

14. Ask for WMS feed

15. Return WMS feed

11. Ask for user rights

12. Get user rights

13. Create user session

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

Kalideos Server

Identity Server

WMS Server

5. Send OAuth token

8. Send OAuth token

15. Return WMS feed

12. Get user rights

OpenID Connect planned to be used in Theia (i.e. French Land Surface Thematic Center)

single sign on with oauth and openid

user information7

user session

user rights4

oauth token9

oauth token11

oauth token14

user rightskalideos

oauth openid connect2

Technology

cis14: oauth and openid connect in action

openid and oauth

yahoo! openid and oauth 1 allen tom yahoo! membership...

securing your apis with oauth, openid, and openid connect

recentevolutionsinthe oauth 2.0 and openid … ·...

oauth 2 und openid connect securing microservices … ·...

i/o preso: openid and oauth for google apps - chrome browser

oauth 2.0 & openid connect @ opensource conference 2011...

oracle banking apis openid guide banking api… · openid 5...

enterprise openid sso oauth for google apps

mobile authentication and authorisation: openid and oauth

lascon 2017: saml v. openid v. oauth

oauth 2.0 e openid connect

oauth 2.0 web messaging response mode - openid summit tokyo...

openid/oauth and yql with .net

single sign-on security - hackmanit...3 history of single...

from a proposal to happy marriage...openid connect 2005 saml...

demogala 2010: openid and oauth, technologies to increase...

securing restful apis using oauth 2 and openid connect

authorization architecture patterns: how to avoid pitfalls...