OAuth2用户单点登录组件，重新验证力 [英] OAuth2 Single-sign-on component, force reauthentication

问题描述

现在我有一个抽象适配器处理所有不同的社会媒体，社交媒体适配器牵住的信息，并传递到抽象适配器，然后使用的OAuth2对用户进行认证，并允许API调用来进行。我想迫使用户重新进行身份验证每次他们试图登录，连结或取消连结帐户。我怎么告诉的OAuth2我希望他们reauth每次？这是我通过现在的认证：

Right now I have a Abstract Adapter that handles all the different social medias, the social media adapters just hold the information and pass that to the abstract adapter that then uses OAuth2 to authenticate the user and allows API calls to be made. I want to FORCE the user to reauthenticate everytime they try to login, link or unlink an account. How do I tell OAuth2 I want them to reauth everytime? This is what I pass right now for the authentication:

$this->_oauth = new \League\OAuth2\Client\Provider\GenericProvider(array(
        'clientId'                => $this->_key,
        'clientSecret'            => $this->_secret,
        'redirectUri'             => $this->getObject('request')->getBaseUrl() . $this->_redirect_uri,
        'urlAuthorize'            => $this->_authorize_uri,
        'urlAccessToken'          => $this->_access_uri,
        'urlResourceOwnerDetails' => ''
    ));

所以我的问题，一切正常，链接，断开链接和登录到已使用社交媒体社交媒体相关联的帐户。但我怎么强制用户reauth每次即使他们5分钟前登录到Facebook的和Facebook知道它仍然有一个活动会话？ （对于所有其他社交媒体同样的事情，Facebook是只是一个例子）

So my question, everything works fine, linking, unlinking and signing into an account which has been linked with a social media using that social media. But how do I force the user to reauth everytime even if they logged into Facebook 5 minutes ago and Facebook knows it still has a active session? (Same thing for all other social medias, Facebook is just an example)

推荐答案

答案是，除了对Facebook和谷歌这是不可能迫使reauth。 OAuth2用户也提供任何这一点。

The answer is that besides for Facebook and Google it's impossible to force reauth. OAuth2 also offers nothing for this.

这篇关于OAuth2用户单点登录组件，重新验证力的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！