Hi Robert, 1. User access Apache Sling login page > > - the login page contains a link to an external OAuth provider (Google) >
We need to have a cookie on this point. When a user click the link a request is send to Google. This request contains a variable called state. I need to store this variable on a HashMap against the cookie value. I have attached the diagram below. Thank You. On Fri, Jun 22, 2018 at 2:26 PM, Robert Munteanu <[email protected]> wrote: > On Thu, 2018-06-21 at 21:58 +0530, Hasini Witharana wrote: > > Below diagram contains the OIDC flow. > > (snip) > > It seems your diagram references a missing image file. But let's do > this 'inline' > > > My understanding is that the flow (roughly) is the following > > 1. User access Apache Sling login page > > - the login page contains a link to an external OAuth provider (Google) > > 2. User accesses 'Login with Google' link > > - the page now changes to Google's > > 3. User logs in to Google (if needed) and authorizes the sharing of > identity and maybe other data > > 4. Google redirects the user to the Apache Sling page with an encoded > message which contains the requested data > > > Is that correct? The question is, in which step do you want to use a > cookie and why? > > Thanks, > > Robert > -- *Hasini Witharana* Undergraduate | Department of Computer Science and Engineering University of Moratuwa Linkedin <https://www.linkedin.com/in/hasini-witharana-185785109/>
