OpenID Connect 是否支持资源所有者密码凭证授予? [英] Does OpenID Connect support the Resource Owner Password Credentials grant?

问题描述

我之前一直在使用 OAuth 资源所有者凭据流进行授权.

但是我现在想考虑使用 openid connect 进行身份验证和授权，并且想知道 openid connect 中是否支持资源所有者凭据流.

解决方案

是的，OpenID Connect 支持所有 OAuth 2.0 授权类型，包括 Resource Owner Password Credentials Grant 和 Client Credentials Grant.

正如我们所知，授权代码授予和隐式授予是典型的三足流程，包括客户端、授权服务器和用户之间的交互.虽然 Resource Owner Password Credential Grant 和 Client Credential Grant 是 2-legged，这意味着客户端使用预先授权的范围，因此不需要与用户交互，无需在典型流程中执行其中一个分支.

这里有一个参考:配置 OpenID Connect 提供程序以启用 2-legged OAuth 请求

I have been using OAuth resource owner credential flow previously for authorization.

However I would now like to consider using openid connect in pace of this, for authentication and authorization, and was wondering if the resource owner credential flow is supported in openid connect.

解决方案

Yes, OpenID Connect supports all OAuth 2.0 grant types including Resource Owner Password Credentials Grant and Client Credentials Grant.

As we know, Authorization Code Grant and Implicit Grant are typical 3-legged flows including interaction between a client, an authorization server and a user. While the Resource Owner Password Credential Grant and Client Credential Grant are 2-legged which means the client uses pre-authorized scopes so that no interaction with the user is necessary, removing the need to perform one of the legs in the typical flow.

Here is a reference: Configuring an OpenID Connect Provider to enable 2-legged OAuth requests

这篇关于OpenID Connect 是否支持资源所有者密码凭证授予?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！