{"id":658,"date":"2021-07-18T22:26:02","date_gmt":"2021-07-18T14:26:02","guid":{"rendered":"https:\/\/choson_steven.lifenet.com.tw\/?p=658"},"modified":"2023-03-29T16:25:58","modified_gmt":"2023-03-29T08:25:58","slug":"%e5%ad%98%e5%8f%96%e4%bb%a4%e7%89%8c%ef%bc%88access-token%ef%bc%89","status":"publish","type":"post","link":"https:\/\/choson.lifenet.com.tw\/?p=658","title":{"rendered":"\u5b58\u53d6\u4ee4\u724c\uff08Access Token\uff09"},"content":{"rendered":"\n<p>. \u201c\u65b7\u8a00\u201d\uff08 Assertion\uff09\u662f SAML\uff08\u5b89\u5168\u65b7\u8a00\u6a19\u8a18\u8a9e\u8a00\uff09\u4e2d\u4f7f\u7528\u7684\u8853\u8a9e\uff0c\u76f8\u7576\u65bc OIDC\uff08OpenID Connect\uff09\u4e2d\u7684\u201c\u8072\u660e\u201d\u3002OIDC \u5c07 ID Token\uff08\u7528\u65bc\u8eab\u4efd\u9a57\u8b49\uff09\u8207 Access Token\uff08\u7528\u65bc\u6388\u6b0a\uff09\u5340\u5206\u958b\u4f86\u3002OAuth2 \u4e2d\u4f7f\u7528\u7684\u5b58\u53d6\u4ee4\u724c\u662f\u201c\u627f\u8f09\u201d\u4ee4\u724c\u3002\u64c1\u6709\u5b58\u53d6\u4ee4\u724c\u4f5c\u70ba\u4e0d\u8a18\u540d\u4ee4\u724c\u7684\u4efb\u4f55\u4e00\u65b9\u90fd\u53ef\u4ee5\u5b58\u53d6\u76f8\u95dc\u8cc7\u6e90\u3002<br>. XACML \u7528\u65bc\u6388\u6b0a\uff0c\u5b83\u57fa\u65bc XML\uff0c\u975e\u5e38\u9069\u5408 SAML\u3002<br>. \u5b58\u53d6\u4ee4\u724c\u548c\u4e0d\u8a18\u540d\u4ee4\u724c\u901a\u5e38\u53ef\u4ee5\u4e92\u63db\u4f7f\u7528\u3002\u4f46\u662f\uff0c\u5b58\u53d6\u4ee4\u724c\u5b57\u9762\u4e0a\u8868\u793a\u5b58\u53d6\u63a7\u88fd\u6216\u6388\u6b0a\u7684\u6982\u5ff5\u3002\u4e0d\u8a18\u540d\u4ee4\u724c\u662f\u4ee4\u724c\u7684\u4e00\u7a2e\uff0c\u5b83\u5f37\u8abf\u4ee4\u724c\u7684\u533f\u540d\u6027\u3002<\/p>\n\n\n\n<p><a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc6750\" target=\"_blank\" rel=\"noreferrer noopener\">RFC 6750\uff0cOAuth 2.0 Bearer Token Usage<\/a>\uff0c\u662f\u4e00\u500b\u898f\u7bc4\uff0c\u201c\u63cf\u8ff0\u77ad\u5982\u4f55\u5728 HTTP \u8acb\u6c42\u4e2d\u4f7f\u7528\u4e0d\u8a18\u540d\u4ee4\u724c\u4f86\u5b58\u53d6 OAuth 2.0 \u53d7\u4fdd\u8b77\u7684\u8cc7\u6e90\u3002\u64c1\u6709\u4e0d\u8a18\u540d\u4ee4\u724c\uff08\u201c\u6301\u6709\u8005\u201d\uff09\u7684\u4efb\u4f55\u4e00\u65b9\u90fd\u53ef\u4ee5\u4f7f\u7528\u5b83\u4f86\u5b58\u53d6\u76f8\u95dc\u8cc7\u6e90\uff08\u7121\u9700\u8b49\u660e\u64c1\u6709\u52a0\u5bc6\u5bc6\u9470\uff09\u3002\u70ba\u4e86\u9632\u6b62\u6feb\u7528\uff0c\u9700\u8981\u4fdd\u8b77\u4e0d\u8a18\u540d\u4ee3\u5e63\u5728\u5b58\u5132\u548c\u904b\u8f38\u904e\u7a0b\u4e2d\u4e0d\u88ab\u6d29\u9732\u3002\u201d<br>\u4f46\u662f\uff0c\u5b83\u4e5f\u4f7f\u7528\u8853\u8a9e\u201c\u5b58\u53d6\u4ee4\u724c\u201d\u63cf\u8ff0\u4e86\u5ba2\u6236\u7aef\u548c\u8cc7\u6e90\u670d\u52d9\u5668\u4e4b\u9593\u7684\u901a\u4fe1\uff0c\u5982\u4e0b\u5716\u6240\u793a\uff1a<br><img decoding=\"async\" src=\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20210718\/20132160FnRDal2e90.png\" alt=\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20210718\/20132160FnRDal2e90.png\"><\/p>\n\n\n\n<p>\u53c3\u8003<br>.&nbsp;<a href=\"https:\/\/auth0.com\/blog\/refresh-tokens-what-are-they-and-when-to-use-them\/\" target=\"_blank\" rel=\"noreferrer noopener\">\u5237\u65b0\u4ee4\u724c\uff1a\u4f55\u6642\u4f7f\u7528\u5b83\u5011\u4ee5\u53ca\u5b83\u5011\u5982\u4f55\u8207 JWT \u4ea4\u4e92<\/a><\/p>\n\n\n\n<p>\u8cc7\u6599\u4f86\u6e90\uff1a\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/wentzwu.com\/2021\/06\/23\/cissp-practice-questions-20210623\/\" target=\"_blank\">Wentz Wu QOTD-20210623<\/a><\/p>\n\n\n\n<p>PS:\u6b64\u6587\u7ae0\u7d93\u904e\u4f5c\u8005\u540c\u610f\u520a\u767b \u4e26\u4e14\u6388\u6b0a\u53ef\u4ee5\u7ffb\u8b6f\u6210\u4e2d\u6587<\/p>\n","protected":false},"excerpt":{"rendered":"<p>. \u201c\u65b7\u8a00\u201d\uff08 Assertion\uff09\u662f SAML\uff08\u5b89\u5168\u65b7\u8a00\u6a19\u8a18\u8a9e\u8a00\uff09\u4e2d\u4f7f\u7528\u7684\u8853\u8a9e\uff0c\u76f8\u7576\u65bc OIDC\uff08OpenI [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":true,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-658","post","type-post","status-publish","format-standard","hentry","category-cisspcertified-information-systems-security-professional"],"_links":{"self":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/658","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=658"}],"version-history":[{"count":2,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/658\/revisions"}],"predecessor-version":[{"id":2838,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/658\/revisions\/2838"}],"wp:attachment":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=658"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=658"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=658"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}