提示用户输入密码-Google OpenID Connect [英] Prompt user to enter password - Google OpenID Connect
问题描述
我们正尝试将Google的OpenID Connect用于商业Web应用程序,但担心该用户将使该应用程序处于打开状态,并且由于该用户仍登录到Google,因此未经授权的用户将登录,因此OpenID Connect可以让他们正确使用内.
We are trying to use Google's OpenID Connect for a business web app but are concerned that the user will leave the app open and an unauthorized user will sign-in because the user is still signed into Google so OpenID Connect just let's them right in.
我们尝试使用在OpenID Connect中已被max_auth_age=0参数.max_age代替.
我确实看到admin.google.com上的Google App控制面板通常会重新提示用户输入密码,而其他任何登录信息都不会.但是看着授权URL,我看不到任何会触发这种情况发生的事情.
I do see that Google App's control panel at admin.google.com does usually re-prompt the user for a password while any other login won't. But looking at the authorization URL I don't see anything that would be triggering this to happen.
这是我们当前的授权URL:
https://accounts.google.com/o/oauth2/auth?prompt=select_account&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww....com%2Fauth%2Fuserinfo.profile&state=%2F&redirect_uri=https://www.foo.com/callback&response_type=token&client_id=...
Here is our current authorization URL:
https://accounts.google.com/o/oauth2/auth?prompt=select_account&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww....com%2Fauth%2Fuserinfo.profile&state=%2F&redirect_uri=https://www.foo.com/callback&response_type=token&client_id=...
也许我们添加了一个可以触发Google进入高安全性模式的作用域,但到目前为止我还没有发现任何东西.
Perhaps if we added a certain scope that could trigger Google to go into high security mode, but I haven't found anything so far.
推荐答案
无法控制重新认证,如,也不记录在以下记录中: https://groups.google.com/forum/#!topic/google-federated-login-api/KT6pSp4VNaQ
There's no way to control re-authentication as indicated in: Google OpenID Connect: Receiving a 500 error when supplying the "max_age" parameter to an authentication request nor step-up as recorded in: https://groups.google.com/forum/#!topic/google-federated-login-api/KT6pSp4VNaQ
这篇关于提示用户输入密码-Google OpenID Connect的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
