OpenAM 隐式授权流用户名 [英] OpenAM Implict grant flow username

问题描述

我已经使用 IWebBrowser2 控件实现了 oAuth2 隐式授权流程，从 openAM 出现身份验证对话框我输入了用户名和密码，它给了我访问令牌.但是我的应用程序如何知道哪个用户名已通过身份验证，我还需要从我的数据库中验证这个用户名吗?

I have implemented oAuth2 Implicit grant flow using IWebBrowser2 control, the authentication dialog box appears from openAM I have entered user name and password it give me access token. But how my application knows which user name is authenticated, I need this user name to be validated from my database also?

推荐答案

如果您请求openid"范围，您将获得一个访问令牌以及一个名为id_token"的 JWT 令牌.JWT 包含用户名.

If you request the "openid" scope you will get an access token along with a JWT token called "id_token". The JWT contains the user name.

您还可以使用访问令牌调用 userinfo 端点 - 这将返回一个带有用户名的 json 响应.

You can also use the access token to call out to the userinfo endpoint - which will return a json response with the username.

见http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/admin-guide/index/chap-openid-connect.html#openam-openid-implicit-client-个人资料

欲知更多详情.

OpenAM 源代码附带了一个示例应用程序.请参阅 https://wikis.forgerock.org/confluence/display/openam/OAuth+2.0%3A+Get+Started+with+the+Demo+Client 了解如何安装它.

There is a sample application that comes with the OpenAM source code. See https://wikis.forgerock.org/confluence/display/openam/OAuth+2.0%3A+Get+Started+with+the+Demo+Client for information on how to install it.

这篇关于OpenAM 隐式授权流用户名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！