Created
December 6, 2012 10:08
A basic sequence to explain OAuth2 authorization code grant.
@startuml
actor UserAgent
participant Client
participant "Authorization Server"
activate UserAgent
UserAgent -> "Authorization Server" : client Identifier & redirection URI
activate "Authorization Server"
== Resource owner's grant ==
"Authorization Server" --> UserAgent: redirect w/authorization code
UserAgent -> Client: access to redirection URI
activate Client
Client -> "Authorization Server": request access token
"Authorization Server" --> Client: access token
deactivate "Authorization Server"
Client --> UserAgent: notify authorization is done.
== Client retrieves resource owner's data ==
UserAgent -> Client: request
Client -> "API Server": retrieve data w/access token
activate "API Server"
"API Server" --> Client
Client --> UserAgent: response
@enduml
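The first half of the sequence above, as an added in-memory example that is not part of the original gist. It goes beyond the diagram by showing the checks RFC 6749 expects at the authorization and token endpoints: registered redirection URI, client authentication, and a short-lived, single-use code bound to the client and URI. The client id, secret, URLs and class names are assumptions made for illustration.

```python
import secrets
import time

# Constructed sample registration; id, secret and URL are assumptions.
CLIENTS = {"demo-client": {"secret": "demo-secret",
                           "redirect_uris": {"https://client.example/cb"}}}
CODE_TTL = 60  # seconds; authorization codes should be short-lived


class AuthorizationServer:
    def __init__(self):
        self.codes = {}   # code -> (client_id, redirect_uri, expires_at)
        self.tokens = {}  # access token -> client_id

    def authorize(self, client_id, redirect_uri):
        """UserAgent -> AS: returns the redirect that carries the code."""
        client = CLIENTS.get(client_id)
        # Exact match against the registered URI, so the code is never
        # sent to an address the client did not register.
        if client is None or redirect_uri not in client["redirect_uris"]:
            raise PermissionError("unknown client or unregistered redirect URI")
        code = secrets.token_urlsafe(32)
        self.codes[code] = (client_id, redirect_uri, time.time() + CODE_TTL)
        return f"{redirect_uri}?code={code}"

    def token(self, client_id, client_secret, code, redirect_uri):
        """Client -> AS: exchanges the code for an access token."""
        client = CLIENTS.get(client_id)
        if client is None or not secrets.compare_digest(client["secret"], client_secret):
            raise PermissionError("client authentication failed")
        # pop() makes the code single-use, even if a later check fails.
        issued = self.codes.pop(code, None)
        if issued is None:
            raise PermissionError("unknown or already used code")
        bound_client, bound_uri, expires_at = issued
        if (bound_client, bound_uri) != (client_id, redirect_uri) or time.time() > expires_at:
            raise PermissionError("code not valid for this client, URI or time")
        access_token = secrets.token_urlsafe(32)
        self.tokens[access_token] = client_id
        return access_token


def run_flow(server):
    """Walk the diagram: UserAgent -> AS -> redirect -> Client -> AS."""
    redirect = server.authorize("demo-client", "https://client.example/cb")
    code = redirect.split("code=", 1)[1]
    token = server.token("demo-client", "demo-secret", code, "https://client.example/cb")
    return code, token
```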