Using OAuth 2.0 and OpenID Connect with Caché
- About This Book
- Overview of OAuth 2.0 and OpenID Connect
- How Caché Supports OAuth 2.0 and OpenID Connect
- Using a Caché Web Application as an OAuth 2.0 Client
- Prerequisites for the Caché Client
- Configuration Requirements
- Outline of Code Requirements
- Obtaining Tokens
- Examining the Token(s)
- Adding an Access Token to an HTTP Request
- Optionally Defining Delegated Authentication for the Web Client
- Variations
- Revoking Access Tokens
- Rotating Keys Used for JWTs
- Getting a New Public JWKS from the Authorization Server
- Using a Caché Web Application as an OAuth 2.0 Resource Server
- Using Caché as an OAuth 2.0 Authorization Server
- Configuration Requirements for the Caché Authorization Server
- Code Customization Options and Overall Flow
- Implementing the Custom Methods for the Caché Authorization Server
- Details for the %OAuth2.Server.Properties Object
- Locations of the Authorization Server Endpoints
- Creating Client Definitions on a Caché OAuth 2.0 Authorization Server
- Rotating Keys Used for JWTs
- Getting a New Public JWKS from a Client
- Creating Configuration Items Programmatically
- Creating the Client Configuration Items Programmatically
- Creating the Server Configuration Items Programmatically
- Implementing DirectLogin()
- Certificates and JWTs (JSON Web Tokens)