Introduction to OpenID Connect | Technology

OpenID Connect is an extension of the OAuth 2.0 protocol that provides more information to the application. In OAuth 2.0, the application gets an access/authorization token that can be used to call downstream APIs. With OpenID Connect, the application can also get information about the end user and their profile.

Flow:

Get an id_token

Retrieve profile data from the UserInfo endpoint using the token

The id_token consists of 3 parts, each Base64url encoded and separated by a dot (.)

– header

– payload

– signature

For instance

ewoiYWxnIjoiUlMyNTYiLAoia2lkIjoiMTIxMiIKfQ==.ewoic3ViIjoiUmFqIiwKImF1ZCI6ImltX29pY19jbGllbnQiLAoianRpIjoiMjY0OTg2MjM4NzY0MjM0IiwKImlzcyI6Imh0dHBzOlwvXC9sb2NhbGhvc3Q6OTAzMSIsCiJpYXQiOjgzNDc1ODczNDk1ODczLAoiZXhwIjo5NzUwODQzMDUsCiJub25jZSI6InNqaGRranNhLWRzYWRhLWRzYWRhcywKImF0X2hhc2giOiJkaGZramRzbGtkc2pmbGtqc2QiCn0g.3ldksjflkdsjsdlkfsldkhflksdhsnfhsld79879dsfdsfsdfsdklf8sd90

Take the token above, split it on the dot (.) and Base64url-decode the parts. This gives the 3 values below.

Header:

{
  "alg":"RS256",
  "kid":"1212"
}

Payload:

{
  "sub":"Raj",
  "aud":"im_oic_client",
  "jti":"264986238764234",
  "iss":"https://localhost:9031",
  "iat":83475873495873,
  "exp":975084305,
  "nonce":"sjhdkjsa-dsada-dsadas",
  "at_hash":"dhfkjdslkdsjflkjsd"
}

Signature:

3ldksjflkdsjsdlkfsldkhflksdhsnfhsld79879dsfdsfsdfsdklf8sd90

A few validations must be performed to ensure that the token was received from a trusted client.

One can check several fields from the payload, such as iss.
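The split, decode and payload checks described above, as an added Python example (not code from the original page). The sample token is constructed with a placeholder signature and the function names are hypothetical; the checks cover claims only, so verifying the RS256 signature with the key that matches kid at the provider's jwks_uri is a separate step that must pass before any claim is trusted.

```python
import base64
import json
import time


def b64url_decode(segment):
    # JWT segments normally omit '=' padding; normalise it before decoding.
    segment = segment.rstrip("=")
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


def decode_id_token(token):
    """Split on '.' and decode header and payload. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("id_token must have exactly 3 segments")
    header = json.loads(b64url_decode(parts[0]))
    payload = json.loads(b64url_decode(parts[1]))
    return header, payload, parts[2]


def check_claims(header, payload, issuer, client_id, nonce, now=None):
    """Return a list of problems; an empty list means the claim checks passed."""
    now = time.time() if now is None else now
    problems = []
    if header.get("alg") != "RS256":  # pin the algorithm; never accept "none"
        problems.append("unexpected alg")
    if payload.get("iss") != issuer:
        problems.append("iss mismatch")
    aud = payload.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        problems.append("aud mismatch")
    exp = payload.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("expired")
    if payload.get("nonce") != nonce:  # nonce the client sent in its request
        problems.append("nonce mismatch")
    return problems

# Constructed sample token using the page's claim names; the signature is a placeholder.
SAMPLE_HEADER = {"alg": "RS256", "kid": "1212"}
SAMPLE_PAYLOAD = {"sub": "Raj", "aud": "im_oic_client", "iss": "https://localhost:9031",
                  "iat": 1700000000, "exp": 1700003600, "nonce": "constructed-nonce"}
SAMPLE_TOKEN = ".".join([b64url_encode(SAMPLE_HEADER), b64url_encode(SAMPLE_PAYLOAD), "c2lnbmF0dXJl"])
```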

Let's fetch the OpenID Connect configuration:

https://localhost:9031/.well-known/openid-configuration

It returns a payload with details including token_endpoint, jwks_uri, userinfo_endpoint and scopes_supported.

The application can call the userinfo_endpoint to get the user's data/profile details.