OpenID Protocol Explained

Browser(User-Agent)

Desired Site(OpenID Consumer)

(Relying Party) OpenIDProvider

This is the person who desires to access a web site.

This is the browser he is using to access the web.

Person has:

Name: AlexID: http://alex.provider.com/

This is site that the user really want to access. For this example he wants to access his bank called “Big Bank”.

This is site that is going to prove that Alex is really Alex.

http://bigbank.com/ http://provider.com/

Identity Page

This addressrepresents Alex

Browser(User-Agent)

Alex Allentown

http://alex.provider.com/ Identity Page

Browser(User-Agent)

UserName:

I will log In ONCE

OpenIDProvider

aallen321

**************Password:

Browser(User-Agent)

OK, You are logged in to the OpenID service.

OpenIDProvider

Browser(User-Agent)

(Relying Party)

Big BankEnter your OpenID:http://alex.provider.com

http://bigbank.com/

Need to access the bank.

OpenIDProvider

Identity Page

Browser(User-Agent)

(Relying Party)

http://bigbank.com/

I clicked “Login”

http://alex.provider.com/

Headers:openid.server = http://provider.com/a.cgiopenid.delegate = http://provider.com/a.cgi

Identity Page

Browser(User-Agent)

(Relying Party)

Send redirect

I am waiting

http://provider.com/a.cgi

Parameters:openid.mode = checkid_setupopenid.identity = http://alex.provider.com/openid.return_to = http://bigbank.com/...

OpenIDProvider

Browser(User-Agent)

(Relying Party)

Send redirect

I am waiting

Additional Parameters:openid.mode = id_resopenid.identity = http://alex.provider.com/openid.return_to = http://bigbank.com/... openid.signed = mode,identity,return_toopenid.assoc_handle = XXXXXopenid.sig = YYYYY

http://bigbank.com/...

OpenIDProvider

Browser(User-Agent)

(Relying Party)

I am waiting

Same parameters as request exceptopenid.mode = check_authentication

Response in body: is_valid:true

OpenIDProvider

Browser(User-Agent)

(Relying Party)

Big BankYou are logged in!What would you like to do?

OK! Now I canget things done.

OpenIDProvider

Identity Page

Finally … generatepage for display

OpenID Protocol Explained

Technology

Transcript of OpenID Protocol Explained

OpenID Authentication

OpenID Bootcamp Tutorial

OpenID DrupalCon 2009

OpenID connect @ Deutsche telekom - GSMA · PDF fileThe One Protocol OpenID Connect allows us to use the same protocol for all use case since it adds OpenID features to OAuth no need

Foaf Openid Milan

OpenID and OAuth

Rails flavoured OpenId

The OpenID Connect Protocol

OpenID Contexts

FOSSwire3 + OpenID

OpenID TechNight #6 - OpenID on Smart.fm

OpenID 101

OpenID 2009

Securing your APIs with OAuth, OpenID, and OpenID Connect

20091029 OpenID Talk

OpenID Security

OpenID Connect Explained - Paris jug · OpenID Connect is good for consumer apps social apps enterprise apps mobile apps

Oracle Banking APIs OpenID Guide Banking API… · OPENID 5 OpenID Guide 5 2. OPENID OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients

Assessment of Secure OpenID-Based DAAA Protocol for Avoiding Session Hijacking …downloads.hindawi.com/journals/scn/2018/6315039.pdf · 2019-07-30 · Assessment of Secure OpenID-Based

OpenID Connect - Nat Sakimura at OpenID TechNight #7