wiki link : https://cwiki.apache.org/confluence/display/SLING/OIDC+Flow
On Fri, Jun 22, 2018 at 3:38 PM, Hasini Witharana <[email protected]> wrote: > Hi Robert, > > 1. User access Apache Sling login page >> >> - the login page contains a link to an external OAuth provider (Google) >> > > We need to have a cookie on this point. When a user click the link a > request is send to Google. This request contains a variable called state. I > need to store this variable on a HashMap against the cookie value. > > I have attached the diagram below. > > Thank You. > > On Fri, Jun 22, 2018 at 2:26 PM, Robert Munteanu <[email protected]> > wrote: > >> On Thu, 2018-06-21 at 21:58 +0530, Hasini Witharana wrote: >> > Below diagram contains the OIDC flow. >> >> (snip) >> >> It seems your diagram references a missing image file. But let's do >> this 'inline' >> >> >> My understanding is that the flow (roughly) is the following >> >> 1. User access Apache Sling login page >> >> - the login page contains a link to an external OAuth provider (Google) >> >> 2. User accesses 'Login with Google' link >> >> - the page now changes to Google's >> >> 3. User logs in to Google (if needed) and authorizes the sharing of >> identity and maybe other data >> >> 4. Google redirects the user to the Apache Sling page with an encoded >> message which contains the requested data >> >> >> Is that correct? The question is, in which step do you want to use a >> cookie and why? >> >> Thanks, >> >> Robert >> > > > > -- > *Hasini Witharana* > Undergraduate | Department of Computer Science and Engineering > University of Moratuwa > Linkedin <https://www.linkedin.com/in/hasini-witharana-185785109/> > -- *Hasini Witharana* Undergraduate | Department of Computer Science and Engineering University of Moratuwa Linkedin <https://www.linkedin.com/in/hasini-witharana-185785109/>
