diff options
| author | Omer Katz <omer.drow@gmail.com> | 2016-08-28 10:28:42 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-08-28 10:28:42 +0300 |
| commit | d5315c19ccc3fdd4ba70b1c94a727e8573f3ad78 (patch) | |
| tree | 277114e758c859d2364c27401a496350c227c0c8 /docs/oauth2 | |
| parent | 43fb7f5bfb5fb1086d2d8ef1e57b77e84db24b45 (diff) | |
| parent | 06c0bd8e2deb7c9c2e4c5d7874bc94c90e334d4d (diff) | |
| download | oauthlib-d5315c19ccc3fdd4ba70b1c94a727e8573f3ad78.tar.gz | |
Merge pull request #416 from joelstevenson/openid_connect
Openid connect
Diffstat (limited to 'docs/oauth2')
| -rw-r--r-- | docs/oauth2/oidc.rst | 16 | ||||
| -rw-r--r-- | docs/oauth2/oidc/id_tokens.rst | 16 | ||||
| -rw-r--r-- | docs/oauth2/oidc/validator.rst | 7 |
3 files changed, 39 insertions, 0 deletions
diff --git a/docs/oauth2/oidc.rst b/docs/oauth2/oidc.rst new file mode 100644 index 0000000..d062386 --- /dev/null +++ b/docs/oauth2/oidc.rst @@ -0,0 +1,16 @@ +OpenID Connect +============== + +OpenID Connect represents a substantial set of behaviors and interactions built on the foundations of OAuth2. OAuthLib supports +OpenID Connect `Authentication flows`_ when the initial grant type request's ``scope`` parameter contains ``openid``. Clients wishing +to provide this support must implement several new features within their ``RequestValidator`` subclass. + +.. _`Authentication flows`: http://openid.net/specs/openid-connect-core-1_0.html#Authentication + +.. toctree:: + :maxdepth: 2 + + oidc/id_tokens + oidc/validator + + diff --git a/docs/oauth2/oidc/id_tokens.rst b/docs/oauth2/oidc/id_tokens.rst new file mode 100644 index 0000000..5d6aa91 --- /dev/null +++ b/docs/oauth2/oidc/id_tokens.rst @@ -0,0 +1,16 @@ +ID Tokens +========= + +The creation of `ID Tokens`_ is ultimately done not by OAuthLib but by your ``RequestValidator`` subclass. This is because their +content is dependent on your implementation of users, their attributes, any claims you may wish to support, as well as the +details of how you model the notion of a Client Application. As such OAuthLib simply calls your validator's ``get_id_token`` +method at the appropriate times during the authorization flow, depending on the grant type requested (Authorization Code, Implicit, +Hybrid, etc.) + +.. _`ID Tokens`: http://openid.net/specs/openid-connect-core-1_0.html#IDToken + +.. autoclass:: oauthlib.oauth2.RequestValidator + :members: get_id_token + + + diff --git a/docs/oauth2/oidc/validator.rst b/docs/oauth2/oidc/validator.rst new file mode 100644 index 0000000..c92b726 --- /dev/null +++ b/docs/oauth2/oidc/validator.rst @@ -0,0 +1,7 @@ +RequestValidator Extensions +============================ + +Four methods must be implemented in your validator subclass if you wish to support OpenID Connect: + +.. autoclass:: oauthlib.oauth2.RequestValidator + :members: validate_silent_authorization, validate_silent_login, validate_user_match, get_id_token |