sequenceDiagram
autonumber
participant User
participant Web Client
participant OAuth Server
participant OAuth Proxy Function
participant API Server
API Server->>User: On initial load, obtain client_id from /configuration
User->>Web Client: User logs in to the application
Web Client->>API Server: Request to /authorize to get auth code (client_id, scopes)
API Server->>OAuth Proxy Function: Redirect to "proper OAuth server"
OAuth Proxy Function->>OAuth Server: SET SELF REDIRECT, FORWARD REQUEST
OAuth Server->>User: Popup to log in
User->>OAuth Server: Authenticate and consent
OAuth Server->>OAuth Proxy Function: UNSET SELF REDIRECT, FORWARD REQUEST
Note over OAuth Proxy Function: Google issues a new request (redirect) to the backend <br/> carrying the response, unlike below
OAuth Proxy Function->>Web Client: Return auth code
Web Client->>API Server: Auth code + client_id sent to /token
API Server->>OAuth Proxy Function: Add client_secret and call "/token"
OAuth Proxy Function->>OAuth Server: SET SELF REDIRECT, FORWARD REQUEST
OAuth Server->>OAuth Server: Validate
OAuth Server->>OAuth Proxy Function: UNSET SELF REDIRECT, FORWARD RESPONSE
Note over OAuth Proxy Function: Google's /token returns the result in the HTTP response body, <br/>unlike above
OAuth Proxy Function->>API Server: Return id_token + access_token
API Server->>Web Client: Return id_token + access_token
Web Client->>API Server: Make API request using access token in Authorization header
Last active
May 11, 2022 19:10
Gist: jack-r-warren/7e770c84312dbc10532699fca847d5c8