Using OAuth 2.0 and OpenID Connect with Caché
Contents
 
   
Server:docs2
Instance:LATEST
User:UnknownUser
 
-
Go to:
Search:    

 
Contents

Preface : 
 
 
Chapter 1: 
 
  • 1.1 Basics
  • 1.2 Roles
  • 1.3 Access Tokens
  • 1.3.1 Forms of Access Tokens
  • 1.3.2 Claims
  • 1.4 Grant Types and Flows
  • 1.5 Scopes
  • 1.6 Endpoints in an Authorization Server
  • 1.7 See Also
  • Chapter 2: 
     
  • 2.1 Supported Scenarios
  • 2.2 Caché Support for OAuth 2.0 and OpenID Connect
  • 2.2.1 Configuration Items on a Client
  • 2.2.2 Configuration Items on the Server
  • 2.3 Standards Supported in Caché
  • Chapter 3: 
     
  • 3.1 Prerequisites for the Caché Client
  • 3.2 Configuration Requirements
  • 3.2.1 Creating a Server Description (Using Discovery)
  • 3.2.2 Configuring and Dynamically Registering a Client
  • 3.3 Outline of Code Requirements
  • 3.4 Obtaining Tokens
  • 3.4.1 Method Details
  • 3.5 Examining the Token(s)
  • 3.6 Adding an Access Token to an HTTP Request
  • 3.7 Optionally Defining Delegated Authentication for the Web Client
  • 3.7.1 Creating and Using a ZAUTHENTICATE Routine for an OAuth 2.0 Client
  • 3.7.2 Creating and Using a Custom Login Page for an OAuth 2.0 Client
  • 3.7.3 Notes about the OAUTH2.ZAUTHENTICATE.mac Sample
  • 3.8 Variations
  • 3.8.1 Variation: Implicit Grant Type
  • 3.8.2 Variation: Password Credentials Grant Type
  • 3.8.3 Variation: Client Credentials Grant Type
  • 3.8.4 Variation: Performing the Redirect within OnPreHTTP
  • 3.8.5 Variation: Passing Request Objects as JWTs
  • 3.8.6 Variation: Calling Other Endpoints of the Authorization Server
  • 3.9 Revoking Access Tokens
  • 3.9.1 Revoking a User’s Access Tokens
  • 3.9.2 Revoking Access Tokens Programmatically
  • 3.10 Rotating Keys Used for JWTs
  • 3.10.1 API for Key Rotation on the Client
  • Chapter 4: 
     
  • 4.1 Prerequisites for the Caché Resource Server
  • 4.2 Configuration Requirements
  • 4.3 Code Requirements
  • 4.4 Variations
  • 4.4.1 Variation: Resource Server Calls Userinfo Endpoint
  • 4.4.2 Variation: Resource Server Does Not Call Endpoints
  • Chapter 5: 
     
  • 5.1 Configuration Requirements for the Caché Authorization Server
  • 5.1.1 Configuring the Authorization Server
  • 5.2 Code Customization Options and Overall Flow
  • 5.2.1 How a Caché Authorization Server Processes Requests
  • 5.2.2 Default Classes
  • 5.3 Implementing the Custom Methods for the Caché Authorization Server
  • 5.3.1 Optional Custom Processing Before Authentication
  • 5.3.2 Identifying the User
  • 5.3.3 Validating the User and Specifying Claims
  • 5.3.4 Displaying Permissions
  • 5.3.5 Optional Custom Processing After Authentication
  • 5.3.6 Generating the Access Token
  • 5.3.7 Validating the Client
  • 5.4 Details for the %OAuth2.Server.Properties Object
  • 5.4.1 Basic Properties
  • 5.4.2 Properties Related to Claims
  • 5.4.3 Methods for Working with Claims
  • 5.5 Locations of the Authorization Server Endpoints
  • 5.6 Creating Client Definitions on a Caché OAuth 2.0 Authorization Server
  • 5.7 Rotating Keys Used for JWTs
  • 5.7.1 API for Key Rotation on the Authorization Server
  •  
    Appendix A: 
     
  • A.1 Creating the Client Configuration Items Programmatically
  • A.1.1 Creating a Server Description
  • A.1.2 Creating a Client Configuration
  • A.2 Creating the Server Configuration Items Programmatically
  • A.2.1 Creating the Authorization Server Configuration
  • A.2.2 Creating a Client Description
  • Appendix B: 
     
    Appendix C: 
     
  • C.1 Using Certificates for an OAuth 2.0 Client
  • C.2 Using Certificates for an OAuth 2.0 Resource Server
  • C.3 Using Certificates for an OAuth 2.0 Authorization Server