Commit 9f6c61c
2019-03-20 01:55:50
Changed files (1)
presentation.md
@@ -0,0 +1,70 @@
+# Tokens
+
+
+# 1. Authentication vs Authorization
+
+Authentication: to verify the identity of the user given the credentials received.
+Authorization: to determine if the user should be granted access to a particular resource.
+
+
+# 2. Roles:
+
+* RO - Resource Owner
+* RS - Resource Server
+* AS - Authorization Server
+* C - Client
+
+
+# 3. Protocol Flow - RFC-6749 section-1.2
+
+1.2. Protocol Flow
+
+ +--------+ +---------------+
+ | |--(A)- Authorization Request ->| Resource |
+ | | | Owner |
+ | |<-(B)-- Authorization Grant ---| |
+ | | +---------------+
+ | |
+ | | +---------------+
+ | |--(C)-- Authorization Grant -->| Authorization |
+ | Client | | Server |
+ | |<-(D)----- Access Token -------| |
+ | | +---------------+
+ | |
+ | | +---------------+
+ | |--(E)----- Access Token ------>| Resource |
+ | | | Server |
+ | |<-(F)--- Protected Resource ---| |
+ +--------+ +---------------+
+
+* https://tools.ietf.org/html/rfc6749#section-1.2
+
+
+# 3a. Protocol Flow - RFC-6749 section-1.5
+
+[Refresh Token Usage](https://tools.ietf.org/html/rfc6749#section-1.5)
+```text
+ +--------+ +---------------+
+ | |--(A)------- Authorization Grant --------->| |
+ | | | |
+ | |<-(B)----------- Access Token -------------| |
+ | | & Refresh Token | |
+ | | | |
+ | | +----------+ | |
+ | |--(C)---- Access Token ---->| | | |
+ | | | | | |
+ | |<-(D)- Protected Resource --| Resource | | Authorization |
+ | Client | | Server | | Server |
+ | |--(E)---- Access Token ---->| | | |
+ | | | | | |
+ | |<-(F)- Invalid Token Error -| | | |
+ | | +----------+ | |
+ | | | |
+ | |--(G)----------- Refresh Token ----------->| |
+ | | | |
+ | |<-(H)----------- Access Token -------------| |
+ +--------+ & Optional Refresh Token +---------------+
+```
+
+
+7. Token Types
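Review bot: The section 1.2 flow diagram (the block under `1.2. Protocol Flow`) is not fenced, whereas the section 1.5 refresh-token diagram is wrapped in ```text. Left unfenced, a markdown renderer collapses the leading and interior spaces and the box alignment of the Client / Resource Owner / Authorization Server / Resource Server columns is lost (the whitespace in that first diagram already looks collapsed in this hunk). Wrap it in the same ```text fence used for the second diagram. Two smaller points: the closing `7. Token Types` lacks the `# ` prefix every other heading in the file uses, and the numbering jumps from `3a.` to `7.`, so either renumber it to `# 4. Token Types` or add the missing sections; and since slide 1 defines authentication versus authorization, a one-line note under the 1.2 diagram that the access token presented in step (E) is what the Resource Server uses to authorize access to the resource in step (F), not to authenticate the Resource Owner, would tie the definitions to the flow.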