Notes on OP-initiated authentication
This is a personal memo.
I got curious about something id:kthrtty mentioned in passing a while ago.
Relevant parts of the specification
In indirect communication, messages are passed through the User-Agent. This can be initiated by either the Relying Party or the OP.
In other words, in indirect communication the messages travel via the User-Agent, and either the RP or the OP can start the exchange.
If the Claimed Identifier was not previously discovered by the Relying Party (the "openid.identity" in the request was "http://specs.openid.net/auth/2.0/identifier_select" or a different Identifier, or if the OP is sending an unsolicited positive assertion), the Relying Party MUST perform discovery on the Claimed Identifier in the response to make sure that the OP is authorized to make assertions about the Claimed Identifier.
That is, if the RP has not obtained the Claimed Identifier through discovery by this point (the "openid.identity" in the request was "http://specs.openid.net/auth/2.0/identifier_select" or a different identifier, or the OP sent an unsolicited positive assertion), the RP must run discovery on that Claimed Identifier and confirm that the OP is authorized to make assertions about it.
So what does this mean?
- The OP can initiate indirect communication
- The OP may send an unsolicited positive assertion (openid.mode=id_res) to the RP even when the RP has not made an authentication request
So this implies that it is possible to build a scheme for logging in to an RP that is OP initiated.
When such a positive assertion suddenly arrives via the User-Agent, the RP runs discovery on the openid.claimed_id taken from the authentication result it was sent, and verifies that the OP Endpoint URL matches and, if necessary, that the OP Local Identifier matches as well. (Naturally, this is done in addition to the usual verification.)
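The discovery check described above, written out in Python as an added example (not code from the original memo or from any OpenID library). The `discover` callable, the function and constant names and the example.com URLs are assumptions constructed for illustration; the usual signature, nonce and return_to checks are still required separately.

```python
from urllib.parse import urldefrag

OPENID2_NS = "http://specs.openid.net/auth/2.0"

def check_unsolicited_assertion(params, discover):
    """Discovery check for a positive assertion the RP never requested.

    `discover(url)` is a hypothetical callable standing in for the RP's
    Yadis/HTML discovery; it returns a list of dicts with "op_endpoint"
    and an optional "local_id". Returns (ok, reason).
    """
    if params.get("openid.ns") != OPENID2_NS or params.get("openid.mode") != "id_res":
        return False, "not an OpenID 2.0 positive assertion"
    claimed = params.get("openid.claimed_id")
    identity = params.get("openid.identity")
    endpoint = params.get("openid.op_endpoint")
    if not (claimed and identity and endpoint):
        return False, "claimed_id, identity and op_endpoint are all required"
    # Discover on the identifier itself; nothing else in the OP's message
    # is trusted yet. The fragment is not part of the fetched URL.
    url = urldefrag(claimed)[0]
    for service in discover(url):
        if service["op_endpoint"] != endpoint:
            continue  # a different OP is asserting this identifier
        local_id = service.get("local_id")
        # No OP Local Identifier in discovery means it equals the claimed id.
        if identity == local_id or (local_id is None and identity in (claimed, url)):
            return True, "OP is authorized for claimed_id"
    return False, "discovery does not authorize this OP for claimed_id"

# Constructed sample data: what discovery on alice's identifier returns.
SAMPLE_DISCOVERY = {
    "http://alice.example.com/": [
        {"op_endpoint": "https://op.example.com/server",
         "local_id": "https://op.example.com/user/alice"},
    ],
}

def sample_discover(url):
    return SAMPLE_DISCOVERY.get(url, [])

SAMPLE_ASSERTION = {
    "openid.ns": OPENID2_NS,
    "openid.mode": "id_res",
    "openid.claimed_id": "http://alice.example.com/",
    "openid.identity": "https://op.example.com/user/alice",
    "openid.op_endpoint": "https://op.example.com/server",
}
```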
How could this be used?
Until now I had assumed that authentication always starts from the RP, but depending on the case, the OP could offer something like a list of RPs where pressing a button logs you in right away, or a flow that lets you register as a member on the RP immediately.
In that case the RP's receiving end is the return_to URL, and I think RP discovery could be used here.
As the result of discovery on the realm, the RP returns an XRDS document such as

<Service xmlns="xri://$xrd*($v*2.0)">
  <Type>http://specs.openid.net/auth/2.0/return_to</Type>
  <URI>http://consumer.example.com/return</URI>
</Service>

but if there were a rule that the login URI on the RP must be explicitly given the highest priority, the OP could look at that and (rest omitted), or something along those lines.
Ideally, if the RP could also state through SREG, AX or the like which attributes it wants at this return_to, starting authentication from the OP might become even more convenient.