DRAG DROP - If the client requests authorization from the resource owner, what are the remaining sequence of steps to authenticate a user using OAuth control? Select and Place:
correct :
STEP1 : Client receives an authorization grand used by the client to obtain an access token
STEP2 : client requests an access token by authenticating with the authorization server and presenting the authorization grant
STEP3 : authorization server authenticates the client and validates the authorization grant
STEP4 : client requests the protected resource from the resource server and authenticates by presenting the access token
STEP5 : resource server validates the access token and if valid serves the request
https://tools.ietf.org/html/rfc6749#section-7 P7
Wrong
Client requests an authorization grand used by the client to obtain an access token
Client requests an access token by authenticating with the authorization server and presents the auth. Grand
Authorization server authenticates the client and validates the authorization grant
Client requests the protected resource from the res. Server and authenticates by pres. The access token.
6
Resource server validates the access token and serves the request.
CLIENT REQUESTS AN ACCESS TOKEN BY AUTHENTICATING WITH THE AUTHORIZATION SERVER AND PRESENTS THE AUTHORIZATION GRANT
CLIENT RECEIVES AN AUTHORIZATION GRANT USED BY THE CLIENT TO OBTAIN AN ACCESS TOKEN
AUTHORIZATION SERVER AUTHENTICATES THE CLIENT AND VALIDATES THE AUTHORIZATION GRANT
CLIENT REQUESTS THE PROTECTED RESOURCE FROM THER RESOURCE SERVER AND AUTHENTICATES BY PRESENTING THE ACCESS TOKEN
RESOURCE SERVER VALIDATES THE ACCESS TOKEN AND, IF VALID, SERVES THE REQUEST
STEP 1: client receives an authorization grand used by the client to obtain an access token
STEP 2: client requests an access token by authenticating with the authorization server and presenting the authorization grant
STEP 3: authorization server authenticates the client and validates the authorization grant
STEP 4: client requests the protected resource from the resource server and authenticates by presenting the access token
STEP 5: resource server validates the access token and if valid serves the request
ISMv4:
1. The client requests authorization from the resource owner. The authorization request can be made directly to the resource owner, or indirectly through the authorization server.
2. The client receives an authorization grant, which is a credential representing the resource owner's authorization to access its protected resources. It is used by the client to obtain an access token. Access tokens are credentials that are used to access protected resources. An access token is a string representing an authorization issued to the client. The string is usually opaque to the client. Tokens represent specific scopes and durations of access, granted by the resource owner, and enforced by the resource server and authorization server.
3. The client requests an access token by authenticating with the authorization server and presenting the authorization grant.
4. The authorization server authenticates the client and validates the authorization grant, and if valid, issues an access token.
5. The client requests the protected resource from the resource server and authenticates by presenting the access token.
6. The resource server validates the access token, and if valid, serves the request.
upvoted 2 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
shaolong1231
Highly Voted 3 years, 8 months agomarmaris
Highly Voted 3 years, 11 months agoSaroj1969
Most Recent 2 years, 6 months agoMaryjn3
2 years, 11 months agoDavid_Le
3 years agodioamm
3 years, 1 month ago