- Released At: 19-12-2020
- Page Views:
- Downloads:
- Table of Contents
- Related Documents
-
Facebook Authentication
Technology White Paper
Copyright © 2020 New H3C Technologies Co., Ltd. All rights reserved.
No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.
Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.
The information in this document is subject to change without notice.
Overview
The Facebook authentication feature allows you to use the Facebook server as a third-party server to authenticate users. Users can directly use Facebook accounts rather than dedicated accounts for authentication. This feature provides convenience for user login.
Facebook authentication implementation
Mechanism
Typically, third-party authentication applications use OAuth. Facebook authentication uses OAuth 2.0.
Figure 1 Facebook authentication process
Facebook authentication proceeds as follows:
1. A user enters a URL in a browser on a client.
2. The AC redirects the user to the login page.
3. The user clicks the button for Facebook authentication on the login page. Then, the user is redirected to the Facebook login platform.
4. The user enters a Facebook username and password to perform Facebook authentication.
¡ If Facebook authentication succeeds, the Facebook server sends an HTTP reply that carries the authorization code of the Facebook user and the address of the AC to the client. Then, the process goes to step 5.
¡ If Facebook authentication fails, the Facebook server pushes the login failure page to the client. Facebook authentication finishes.
6. The AC requests an access token from the Facebook server based on the received authorization code.
7. The Facebook server returns an access token to the AC.
8. The AC requests information about the Facebook user from the Facebook server based on the received access token.
9. The Facebook server returns the Facebook user information to the AC.
10. The AC associates the Facebook user with the user entry on the AC and pushes the login success page to the client.
On the AC, you can view only the username attribute of Facebook users. To view other attributes of the users, access the Oasis platform.
Restrictions
Before you deploy Facebook authentication on the AC, you must perform the following steps on the Facebook website:
1. Apply for a new Facebook account or use an existing Facebook account to register as a Facebook developer on the Facebook for Developers platform (https://developers.facebook.com/).
2. Add an application. In the application, add the IP address of the AC and the URL to which the AC redirects users after the users pass Facebook authentication.
Application scenarios
Facebook authentication
As shown in Figure 2, the clients connect to the AC through the AP. A user can directly use a Facebook account instead of applying for a dedicated account to perform authentication after obtaining an IP address.
Before passing authentication, the user can access only the Facebook server. After passing authentication, the user can access unlimited network resources.
Figure 2 Facebook authentication network