On 29/12/2014 20:44, Rémy Hubscher wrote:
So after signin you access another content-server served page to do the
encryption
It could also be just an additional function of the main oauth signin
page. It already has a bunch of javascript logic in there for doing
other things.
before going back to the service provider?
Before redirecting back to the relier, yes.
(The terms "relier" and "service provider" have fairly precise meanings
in oauth so I want to make sure we're using the correct one here).
Ryan
Le 29/12/2014 10:42, Ryan Kelly a écrit :
On 29/12/2014 20:33, Rémy Hubscher wrote:
Le 29/12/2014 10:31, Ryan Kelly a écrit :
They are encrypted by client-side javascript from the content server
This is the part I didn't understand. On which resource of the
content-server?
The oauth provisioning page. IIRC in production this is:
https://accounts.firefox.com/oauth/signin
Ryan
_______________________________________________
Dev-fxacct mailing list
[email protected]
https://mail.mozilla.org/listinfo/dev-fxacct
_______________________________________________
Dev-fxacct mailing list
[email protected]
https://mail.mozilla.org/listinfo/dev-fxacct
