From 32b973ac1386bf77bb1a30af63f89dacfe97092a Mon Sep 17 00:00:00 2001 From: amrita Date: Fri, 20 Oct 2023 11:46:31 +0545 Subject: [PATCH] Fix grammars --- .../flow.md => apis/http/authorization.md} | 21 ++++++++++--------- .../{oidc/_index.md => oidc.md} | 20 ++++++++++-------- 2 files changed, 22 insertions(+), 19 deletions(-) rename docs/{ocis/identity-provider/oidc/flow.md => apis/http/authorization.md} (86%) rename docs/ocis/identity-provider/{oidc/_index.md => oidc.md} (76%) diff --git a/docs/ocis/identity-provider/oidc/flow.md b/docs/apis/http/authorization.md similarity index 86% rename from docs/ocis/identity-provider/oidc/flow.md rename to docs/apis/http/authorization.md index cbbea9dd7da..14d1d781942 100644 --- a/docs/ocis/identity-provider/oidc/flow.md +++ b/docs/apis/http/authorization.md @@ -1,9 +1,9 @@ --- -title: Flow +title: Authorization weight: 40 geekdocRepo: https://github.com/owncloud/ocis -geekdocEditPath: edit/master/docs/ocis/identity-provider/oidc -geekdocFilePath: flow.md +geekdocEditPath: edit/master/docs/apis/http/ +geekdocFilePath: authorization.md --- In its default configuration, Infinite Scale supports three authentication methods as outlined on the [OIDC official site](https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3): @@ -11,14 +11,15 @@ In its default configuration, Infinite Scale supports three authentication metho 2. Implicit Flow 3. Hybrid Flow +For detailed information on Infinite Scale's support for OpenID Connect (OIDC), please consult the [OIDC section](../../ocis/identity-provider/oidc.md). To authenticate using OIDC, both `client_id` and `client_secret` are essential. -Infinite Scale doesn't offer dynamic registration . We have to use one from the default owncloud client. -By default, [owncloud clients](https://doc.owncloud.com/server/next/admin_manual/configuration/user/oidc/oidc.html#client-ids-secrets-and-redirect-uris) are: +Infinite Scale doesn't offer dynamic registration. We have to use one from the default ownCloud client. +By default, [ownCloud clients](https://doc.owncloud.com/server/next/admin_manual/configuration/user/oidc/oidc.html#client-ids-secrets-and-redirect-uris) are: - Desktop - Android - iOS -While selecting owncloud client for authentication, take note of specific limitations such as `Redirect URI` +While selecting ownCloud client for authentication, take note of specific limitations such as `Redirect URI` | Source | Redirect URI | |------|--------| |Android|oc://android.owncloud.com| @@ -31,14 +32,14 @@ client_id=xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69 client_secret=UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh ``` -# Authorization Code Flow +## Authorization Code Flow 1. Requesting authorization To initiate the OIDC Code Flow, you can use tools like curl and a web browser. The user should be directed to a URL to authenticate and give their consent (bypassing consent is against the standard): ```plaintext - https://ocis.test:9200/signin/v1/identifier/_/authorize?client_id=client_id&scope=openid+profile+email+offline_access&response_type=code&redirect_uri=http://path-to-redirect-uri + https://ocis.test/signin/v1/identifier/_/authorize?client_id=client_id&scope=openid+profile+email+offline_access&response_type=code&redirect_uri=http://path-to-redirect-uri ``` After a successful authentication, the browser will redirect to a URL that looks like this: @@ -98,7 +99,7 @@ client_secret=UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh } ``` -# Implicit Code Flow +## Implicit Code Flow When using the implicit flow, tokens are provided in a URI fragment of the redirect URL. Valid values for the `response_type` request parameter: - token @@ -129,7 +130,7 @@ For the next step extract the access_token from the URL. access_token = 'eyJhbGciOiJQ...' ``` -# Hybrid Flow +## Hybrid Flow The Hybrid Flow in OpenID Connect melds features from both the Implicit and Authorization Code flows. It allows clients to directly retrieve certain tokens from the Authorization Endpoint, yet also offers the option to acquire additional tokens from the Token Endpoint. The Authorization Server redirects back to the client with appropriate parameters in the response, based on the value of the response_type request parameter: diff --git a/docs/ocis/identity-provider/oidc/_index.md b/docs/ocis/identity-provider/oidc.md similarity index 76% rename from docs/ocis/identity-provider/oidc/_index.md rename to docs/ocis/identity-provider/oidc.md index 3a61bb3730e..85df2204e29 100644 --- a/docs/ocis/identity-provider/oidc/_index.md +++ b/docs/ocis/identity-provider/oidc.md @@ -3,8 +3,8 @@ title: "OIDC" date: 2023-10-10T00:00:00+00:00 weight: 21 geekdocRepo: https://github.com/owncloud/ocis -geekdocEditPath: edit/master/docs/ocis/identity-provider/oidc -geekdocFilePath: _index.md +geekdocEditPath: edit/master/docs/ocis/identity-provider +geekdocFilePath: oidc.md geekdocCollapseSection: true --- @@ -20,13 +20,13 @@ The field names and values are defined in the [OpenID Connect Discovery Specific Here is an example of data returned: ```json { - "issuer": "https://ocis.test:9200", - "authorization_endpoint": "https://ocis.test:9200/signin/v1/identifier/_/authorize", - "token_endpoint": "https://ocis.test:9200/konnect/v1/token", - "userinfo_endpoint": "https://ocis.test:9200/konnect/v1/userinfo", - "end_session_endpoint": "https://ocis.test:9200/signin/v1/identifier/_/endsession", - "check_session_iframe": "https://ocis.test:9200/konnect/v1/session/check-session.html", - "jwks_uri": "https://ocis.test:9200/konnect/v1/jwks.json", + "issuer": "https://ocis.test", + "authorization_endpoint": "https://ocis.test/signin/v1/identifier/_/authorize", + "token_endpoint": "https://ocis.test/konnect/v1/token", + "userinfo_endpoint": "https://ocis.test/konnect/v1/userinfo", + "end_session_endpoint": "https://ocis.test/signin/v1/identifier/_/endsession", + "check_session_iframe": "https://ocis.test/konnect/v1/session/check-session.html", + "jwks_uri": "https://ocis.test/konnect/v1/jwks.json", "scopes_supported": [ "openid", "offline_access", @@ -102,3 +102,5 @@ Here is an example of data returned: "request_uri_parameter_supported": false } ``` + +Refer to the [Authorization](../../apis/http/authorization.md) section for example usages and details.