我一直在阅读OAuth,并发现它大致执行以下操作
- client sends request token during redirect to server
- Server displays authorization screen to resource owner
- Resource owner provides uid and pw (not passed to client)
- Server sends access token back to client
- clients then users the Access token to gain access to a
resource
根据我的情况,OAuth似乎没有启用SSO或联盟,但在某些博客上它暗示它确实执行SSO
这是正确还是不正确.它可以在没有其他协议的帮助下执行SSO吗?
谢谢