[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[www-reclaim] branch master updated: update
|
From: |
gnunet |
|
Subject: |
[www-reclaim] branch master updated: update |
|
Date: |
Sun, 03 Jan 2021 10:00:09 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository www-reclaim.
The following commit(s) were added to refs/heads/master by this push:
new 5864100 update
5864100 is described below
commit 58641008c53948c2f299f4e5f9f55efe712b2413
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Sun Jan 3 17:59:26 2021 +0900
update
---
_includes/footer.html | 2 +-
_pages/04_foridps.html | 29 +++++++++++++++++++++++
_pages/{04_motivation.html => 05_motivation.html} | 0
_pages/{05_faq.html => 06_faq.html} | 0
_sass/_layout.scss | 2 +-
5 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/_includes/footer.html b/_includes/footer.html
index 35d5df3..de4b431 100644
--- a/_includes/footer.html
+++ b/_includes/footer.html
@@ -1,6 +1,6 @@
<footer>
<div class="separator"></div>
- <p>(C) 2020 <a
href="https://www.aisec.fraunhofer.de/de/fields-of-expertise/projekte/reclaim.html";>Fraunhofer
AISEC</a> |</p>
+ <p>(C) 2021 <a
href="https://www.aisec.fraunhofer.de/de/fields-of-expertise/projekte/reclaim.html";>Fraunhofer
AISEC</a> |</p>
<p><a href="/impressum.html">Imprint</a> | </p>
<p><a href="/privacy.html">Privacy</a></p>
</footer>
diff --git a/_pages/04_foridps.html b/_pages/04_foridps.html
new file mode 100644
index 0000000..50ae2ff
--- /dev/null
+++ b/_pages/04_foridps.html
@@ -0,0 +1,29 @@
+---
+layout: page
+title: For identity providers
+permalink: /for-idps/
+---
+<div class="alert alert-warning"><b>NOTE</b>: This software is still in
development and has not reached a high level of maturity, yet. You are welcome
to try it and it would be of great help to us if you <a
href="https://gitlab.com/groups/reclaimid/-/issues";>report any issues you
find.</a></div>
+
+<h2><b>Step 1:</b> OpenID Service</h2>
+As an identity provider and credential issuer, you need to setup an OpenID
Connect server. There are many servers out there. For a list of servers, check
out the <a href="https://openid.net/developers/certified/";>OpenID website</a>.
+One important caveat is that the server should allow you to issue user
information inside the signed "ID Token".
+The configuration regarding what user information goes into the token is of
course completely under your discretion.
+
+<h2 class="mt-5"><b>Step 2:</b> Configuring the reclaimID client</h2>
+reclaimID uses special client values which must be registered at the OpenID
server. The values are:
+<ul>
+ <li><b>Client ID</b>: reclaimid</li>
+ <li><b>Client secret</b>: none (public client)</li>
+ <li><b>Redirect URI</b>: https://ui.reclaim</li>
+ <li><b>Grant type</b>: Authorization code</li>
+ <li><b>PKCE</b>: enabled (Optional but highly recommended)</li>
+</ul>
+
+<h2 class="mt-5"><b>Step 3:</b> Configuring a webfinger</h2>
+You must support the webfinger-based <a
href="https://openid.net/specs/openid-connect-discovery-1_0.html";>OpenID
Connect service discovery</a>.
+Whenever the user configures an email address for an identity, reclaimID will
try to discover the issuing identity provider through the OIDC Discovery
protocol. This includes a <a
href="https://openid.net/specs/openid-connect-discovery-1_0.html#EmailSyntax";>request
to the authority part of the email address</a>.
+
+The response should point reclaimID to the actual OpenID Connect service <a
href="https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata";>serving
the issuer medatata</a>. reclaimID will try to request all scopes which are
listed in the metadata, but does not expect all of them to be granted.
+
+
diff --git a/_pages/04_motivation.html b/_pages/05_motivation.html
similarity index 100%
rename from _pages/04_motivation.html
rename to _pages/05_motivation.html
diff --git a/_pages/05_faq.html b/_pages/06_faq.html
similarity index 100%
rename from _pages/05_faq.html
rename to _pages/06_faq.html
diff --git a/_sass/_layout.scss b/_sass/_layout.scss
index d355837..5c25219 100644
--- a/_sass/_layout.scss
+++ b/_sass/_layout.scss
@@ -199,7 +199,7 @@ aside {
nav {
//float: left;
text-align: center;
- max-width: 800px;
+ //max-width: 800px;
margin: 0 auto;
a {
text-decoration: none;
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [www-reclaim] branch master updated: update,
gnunet <=