O'Reilly logo

Programming Social Applications by Jonathan LeBlanc

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Step 1–2: Perform Discovery (OpenID Steps 1–2)

The first steps of the hybrid auth process will seem very familiar to you from the OpenID authentication flow overview, so we’ll just briefly touch on them:

  1. Request login with an OpenID identifier.

  2. Perform discovery on that identifier to establish an endpoint URL from which the auth process may be displayed to the user.

At step 1, the user will provide the relaying party with the OpenID identifier of the provider that he wants to use to authenticate with (i.e., which site he wants to sign in using). Through this exchange, the relaying party will normalize and perform discovery on the identifier URL before authentication begins.

The relaying party will make a request to the provider, sending it the normalized URL from the previous step. The provider will determine whether the OpenID identifier is valid and, if so, it’ll return the endpoint URL to which the user should be redirected in order to sign in and accept the permissions that the application is requesting.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required