Tools, FAQ, Tutorials:
Authentication Response Received from Google OpenID Connect
How to process the authentication response received from Google OpenID Connect service after sending an authentication request?
✍: FYIcenter.com
After Google OpenID Connect service receives an authentication request
from the end user's Web browser, it will process the request and
redirect the Web browser to the "redirect_uri" with the authentication response.
This invoke your server side script located at the "redirect_uri". In order for your script to process the authentication response, you need to have a good understanding of the authentication response.
Here is an example of Google OpenID Connect authentication response, returned with "response_type=id_token" in your authentication request, by using a Web browser redirect response:
Status Code: 302 location: http://dev.fyicenter.com/openID_receiver.php \ #state=7654321 \ &id_token=ey4MjZkZDFkYzE5mN... \ &authuser=1 \ &session_state=c80391c7772... \ &prompt=none
The "id_token" value is actually a RFC 7519 - JWT (JSON Web Token) string.
Note that Google OpenID Connect returns parameters as a URL "anchor" using the "#" identifier, instead of a URL query string using the "?" identifier. This will cause problem for your server side script, openID_receiver.php, when the browser directs the user to this URL, it will remove the "anchor" part of the URL.openID_receiver.php will get no parameters.
It looks like the Google OpenID Connect Implicit flow is intended for application with JavaScript code running in the browser to fire the authentication request with "response_type=id_token" in an AJAX call, and receive/decode the id_token in the browser.
If you really want to pass the id_token to the server side, you make another AJAX call to send the id_token to the server script, openID_receiver.php.
⇒ Google OpenID Authentication Request Test
⇐ Process Google OpenID Connect Authentication Request
2021-03-07, 1516🔥, 0💬
Popular Posts:
How to use the "Ctrl-p Ctrl-q" sequence to detach console from the TTY terminal of container's runni...
What Is session_register() in PHP? session_register() is old function that registers global variable...
How to use the Atom Online Validator at w3.org? w3.org feed validation service is provided at http:/...
How to Build my "sleep" Docker image from the Alpine image? I want the container to sleep for 10 hou...
How to start Docker Daemon, "dockerd", on CentOS systems? If you have installed Docker on your CentO...