3-腿和2腿的auth有什么区别?

I'm looking at oauth+php example (http://code.google.com/p/oauth-php/wiki/ConsumerHowTo#Two-legged_OAuth). There's two different schemas to get authorized: 3-legged and 2-legged. What's the difference? When should I use each of them?

我正在查看oauth+php示例(http://code.google.com/p/oauth-php/wiki/ConsumerHowTo# 2 - legged_oauth)。有两种不同的模式被授权:三条腿和两条腿。有什么区别呢?我应该什么时候使用它们?

Thank you in advance!

提前谢谢你!

3 个解决方案

#1

The referenced URL provides a decent overview.

引用的URL提供了一个不错的概述。

In Google land:

在谷歌的土地:

2-legged OAuth (2LO) is typically used for Google Apps. In this scenario, the domain administrator has can pre-approve authorization for an application to access user data on the domain (example: DocuSign can access Google Docs on behalf of all users on the example.com domain). The administrator does this via the Google Apps control panel or by installing the application from the Google Apps Marketplace. Since the approval has happened outside of the OAuth flow-- the application simply needs to prove its' identity, and then the authorization for data access is verified by the API server when a request is made. Typically the application indicates the user on behalf it's making the request using the ?xoauth_requestor_id=user@example.com query parameter in the API calls.
2脚OAuth (2LO)通常用于谷歌应用程序。在此场景中，域管理员可以预先批准应用程序的授权，以访问域上的用户数据(示例:DocuSign可以代表example.com域的所有用户访问谷歌文档)。管理员通过谷歌应用程序控制面板或从谷歌应用程序市场安装应用程序来实现这一点。由于审批在OAuth流程之外发生——应用程序只需要证明其“身份”，然后在发出请求时，API服务器会验证数据访问的授权。通常，应用程序代表用户在API调用中使用?xoauth_requestor_id=user@example.com查询参数来发出请求。
3-legged OAuth (3LO) is when you're directly prompting an end-user for authorization at the time authorization is required. This is the "normal" flow.
3脚OAuth (3LO)是当您在需要授权时直接提示终端用户进行授权的时候。这是“正常”的流程。

3 个解决方案

#1

更多相关文章

随机推荐