Authlete OAuth endpoint to retrieve claims data

2018-06-07 06:52:20

I'm trying to setup an authorization flow with Authlete, but I can't seem to figure out how I retrieve the claim data.

/auth/authorization <- gains me a ticket

/auth/authorization/issue <- allows me to set the claim data and retrieve token

However,

/auth/introspection <- does not return the claim data (just the list of claims)

/auth/userinfo <- does not return the claim data.

What is the endpoint to pass in the auth token and get the claim data?

/auth/introspection is an API to get information about an access token. Its response does not include any information about claims.

/auth/userinfo is an API to parse a request to your UserInfo Endpoint from a client application. Its response includes a list of claims whose values you are supposed to retrieve from your database.

The next step you should do is to pass the values of the claims to /auth/userinfo/issue API. The API's response contains a plain JSON or an ID token (which is a kind of JWT). Claim values are included there.

Please check the following open source repositories to see how Authlete APIs are called.

java-oauth-server (Authorization Server / OpenID Provider)

java-resource-server (Resource Server)

authlete-java-common (Wrapper library over Authlete APIs)

authlete-java-jaxrs (Utility library for JAX-RS)

You can find an example of UserInfo Endpoint implementation in UserInfoEndpoint.java (in java-resource-server). The UserInfoEndpoint class extends BaseUserInfoEndpoint class (in authlete-java-jaxrs).

Any additional questions are welcome. I'm a co-founder of Authlete and the one who has designed and implemented all the Authlete APIs :-)

I guess values of claim should be passed in string. (eg "claims": "{"email":"mail@example.com","email_verified":true}" ) if not, you cannot retrieve the claim data .

链接地址: http://www.djcxy.com/p/22344.html

上一篇: Laravel护照oauth /授权返回基本身份验证

下一篇: Authlete OAuth端点检索声明数据