Single Sign On with OAuth and OpenID

CEOS WGISS 36 - Frascati, Italy - 2013.09.19

Single Sign On with OAuth and OpenID used for Kalideos project and to be used within the French Land Surface Thematic Center

Keywords: oauth, openid, sso

Jérôme Gasperi

September 19, 2013

Transcript

  1. Jérôme Gasperi - Single Sign On with OAuth and OpenID - WGISS-36, ESA/ESRIN - Frascati, Italy - September 19th, 2013
  2. OpenID is an open standard for authentication. Model is based on confidence links between Service Providers and Authentication Providers (i.e. OpenID providers) to achieve Single Sign On authentication
  3. OAuth is an open standard for authorization. It provides a method for clients to access server resources on behalf of a resource owner
  4. OAuth is an open standard for authorization. It provides a method for clients to access server resources on behalf of a resource owner etc...
  5. Experiment: Filter access to Kalideos (i.e. SPOT) data through a secured WMS server using OpenID Connect (i.e. OpenID over OAuth)
  6. Flow diagram between Kalideos Server, Identity Server, LDAP and WMS Server, steps in numbered order:
     1. Ask for authentication
     2. Redirect to Identity Server
     3. Authentication with OAuth (OpenID Connect)
     4. Return OAuth token
     5. Send OAuth token
     6. Get user information using OAuth token
     7. Return user information
     8. Send OAuth token
     9. Send OAuth token for validation and get user information
     10. Return user information
     11. Ask for user rights
     12. Get user rights
     13. Create user session
     14. Ask for WMS feed
     15. Return WMS feed
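Steps 8 to 15 of the diagram, sketched as an added example that is not from the original deck. It assumes the WMS server is the component that sends the token to the Identity Server for validation and asks LDAP for user rights; the in-memory dictionaries stand in for those two services, and every name, token and layer is hypothetical.

```python
import secrets
import time

# Constructed stand-ins for the Identity Server token store and the LDAP
# rights directory; all tokens, users and layer names are hypothetical.
IDENTITY_SERVER_TOKENS = {
    "tok-alice": {"sub": "alice", "expires_at": time.time() + 3600},
    "tok-bob": {"sub": "bob", "expires_at": time.time() + 3600},
    "tok-old": {"sub": "alice", "expires_at": time.time() - 60},
}
LDAP_RIGHTS = {"alice": {"spot"}, "bob": set()}


class AccessDenied(Exception):
    pass


def identity_server_userinfo(token):
    """Steps 9-10: validate the token at the Identity Server, return user info."""
    record = IDENTITY_SERVER_TOKENS.get(token)
    if record is None or record["expires_at"] <= time.time():
        return None  # unknown or expired tokens yield no identity
    return {"sub": record["sub"]}


class WmsServer:
    def __init__(self):
        self.sessions = {}  # session id -> (user, allowed layers)

    def login(self, token):
        """Steps 8-13: receive a token, validate it, load rights, open a session."""
        user = identity_server_userinfo(token)
        if user is None:
            raise AccessDenied("token rejected by Identity Server")
        layers = LDAP_RIGHTS.get(user["sub"], set())  # steps 11-12, default deny
        session_id = secrets.token_urlsafe(16)        # step 13
        self.sessions[session_id] = (user["sub"], frozenset(layers))
        return session_id

    def get_feed(self, session_id, layer):
        """Steps 14-15: return the WMS feed only for layers the session may read."""
        session = self.sessions.get(session_id)
        if session is None:
            raise AccessDenied("no session")
        user, layers = session
        if layer not in layers:
            raise AccessDenied(f"{user} has no right on layer {layer}")
        return f"<WMS feed for {layer} as {user}>"
```

The WMS server never trusts the token on its own: identity comes from the Identity Server's answer, and rights come from the directory, so an authenticated user with no LDAP entry for a layer is still refused.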