HTTP模块中的OAuth 2.0身份验证
是否可以在HTTP模块中实现OAuth(开放授权)2.0或1.0.
Is it possible to implement OAuth(Open Authorization) 2.0 or 1.0 in HTTP Module.
为什么要选择它,因为每个请求都将首先到达HTTP模块,因此我必须从该请求中进行身份验证
Why i m choosing this because, each and every request will first reaches the HTTP Module, so from that request i have to authenticate
有可能吗?
如果是,请为此提供一个相关链接
If YES means , please like a related link for that
帮帮我..
I'm going to add to Eugenio's answer by saying that mod_auth_openidc supports two modes of operation:
-
它可以用作OpenID Connect依赖方,通过使用和验证由OpenID Connect提供商发行的ID令牌,访问令牌和刷新令牌来对用户进行身份验证;它将有关经过身份验证的用户(可能还有令牌本身)的信息中继到在Apache服务器之上或之后运行的受保护应用程序
it can function as an OpenID Connect Relying Party authenticating users by consuming and verifying ID tokens, access tokens and refresh tokens as issued by an OpenID Connect Provider; it will relay information about the authenticated user (and possibly the tokens themselves) to the protected application that runs on or behind the Apache server
它可以充当OAuth 2.0资源服务器,通过使用和验证由OAuth 2.0授权服务器发布的访问令牌来控制来自OAuth 2.0客户端的访问;它可以将与访问令牌相关的信息传递给在Apache服务器上或之后运行的受保护应用程序
it can function as an OAuth 2.0 Resource Server, controlling access from OAuth 2.0 clients by consuming and verifying access tokens that have been issued by an OAuth 2.0 Authorization Server; it can pass on information associated with the access token to the protected application that runs on or behind the Apache server
对于这两种情况,都可以使用Apache的Require逻辑基于ID令牌响应中存在的某些声明来强制执行访问.访问令牌.
For both cases, Apache's Require logic can be used to enforce access based on certain claims that are present in the ID token resp. access token.
2019年4月12日更新:
Update April 12, 2019:
现在有一个专用模块可以处理OAuth 2.0资源服务器功能: https://github.com/zmartzone /mod_oauth2
There's now a dedicated module to handle the OAuth 2.0 Resource Server functionality: https://github.com/zmartzone/mod_oauth2