WSO2 Identity Server用户身份验证的HTTP请求 [英] HTTP requests for WSO2 Identity Server user authentication
问题描述
我正在编写一个REST API,供我们的内部应用程序使用.我需要通过http请求使用代码授予登录和注销身份服务器的用户
I am writing a REST API to be consumed by our internal applications. I need to login and logout users of the identity server using code grant via http requests
我需要知道如何调用以下端点:
I need to know how to call the following endpoints:
- /authorize(从服务器端调用)
- /accesstoken(从服务器端调用)
- /登录
- /注销
案例:
我们公司有很多应用程序.我希望在他们的company-x帐户中进行一次身份验证,就像您只需要登录到atlassian帐户即可访问jira和confluence云一样.我正在使用的REST API适用于我们的前端开发人员(截至目前).
Our company has many applications. I want one point of authentication which will happen in their company-x account like how you only need to login to atlassian account to access jira and confluence cloud. The REST API I'm working is for our front-end developers (as of now).
我不能简单地让用户登录WSO2 IS,因为他们只需要一个模块就可以管理他们的company-x配置文件和其他基本内容.通过这种方式,我认为我有2个选择:
I cannot simply let the user login to WSO2 IS since they only need a module where they can manage their company-x profile and other basic stuffs. By this I think I have 2 options:
- 自定义WSO2 Identity Server UI和权限.但是问题是,我仍然需要一个端点来获取该id_token .我也不确定这是否是正确的方法.
- 了解如何调用/authorize,/accesstoken,/login和/logout端点,并编写我自己的最低要求的用户界面,并提供一个端点,该端点将响应
id_token
- Customize WSO2 Identity Server UI and permissions. But the problem is, I still need an endpoint to get that id_token. I am also not sure if this is the right approach.
- Know how to call /authorize, /accesstoken, /login and /logout endpoint and write my own minimal required UI and provide an endpoint that will respond the
id_token
推荐答案
How about having a basic login page on front-end and use request path authenticator to get the authorization code/id_token.
这基本上意味着不需要将用户重定向到IS登录页面,而是可以从创建的基本登录页面中提取用户名和密码,并将授权授权请求与凭据一起发送.
Basically what this means is instead of redirecting the user to IS login page you can extract the username and password from the basic login page you created and send the authorization grant request along with the credentials.
因此您的授权码请求将是:
so your authorization code request will be:
https://localhost:9443/oauth2/authorize?response_type=code&client_id=JqB4NGZLMC6L3n4jz094FMls2Joa&redirect_uri=https://localhost/callback&scope=openid§oken=<sec_token>
sec_token = base64encode(username:password)
sec_token = base64encode(username:password)
您需要添加基本身份验证 服务提供商配置中的请求路径身份验证器" .该请求应返回授权code.如果您想要id_token,只需将隐式流与请求路径身份验证一起使用.
You need to add basic-auth request path authenticator in your Service Provider configurations. This request should return you an authorization code. If you want an id_token simply use the implicit flow with request path authentication.
这篇关于WSO2 Identity Server用户身份验证的HTTP请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
