Closed awatson1978 closed 8 years ago
In the diagram, the roles of the "Resource Server" and "Authorization Server" are both handled by the "resourceOwner" example in this repo. So the intercommunication between those two is a bit confusing. This functionality is provided by the meteor-oauth2-server package.
The role of "Client Application" is handled by the "resourceServer" example and its functionality is provided by the meteor-oauth2-client package.
Without some extra meta-data, this diagram is confusing. Here is some information that should help clear up the process.
Step 1: User-initiated behavior via HTTP GET.
Step 2: Also user initiated. Typically by clicking the "Login with
Excellent. This is exactly why I decided to ask! :)
I'll update this diagram, and post a revision in a bit.
Okay, so I don't think this diagram is the one to use. Its iconography and colors make it friendly at first glance, and it gives a clear depiction of the different entities involved in the flow. However, the network sequence is hand-wavy and inexact and confusing. Will be rolling the good points of this diagram into the others.
And is the following diagram in alignment with this source code implementation? Specifically, would resourceOwner in the source code match the ResourceOwner (User) or the Client Application?