SHARE
TWEET

Untitled

a guest Sep 18th, 2019 100 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 1. Both need the same level of security precautions, because while the client is more exposed to end-user interactions,
  2. the server stores sensitive information.
  3.  
  4. 2. Local storage stores data and it persists even when the browser session is closed, while session storage will be cleared
  5. once the user closes the browser window.
  6.  
  7. 3. It will solve the problem of security concerns when the user does not logout and leave the browser window opened by
  8. expiring JWT token after a certain period of time
  9.  
  10. 4. protected
  11.  
  12. 5. As a protected endpoint, server will send 'unauthorized request' response
  13.  
  14. 6. wait until a certain condition (time, etc) to be met for this callback to respond
  15.  
  16. 7. remove any timeouts. _timeoutId
  17.  
  18. 8. 2, 5
  19.  
  20. 9. OpenID Connect
  21.  
  22. OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.
  23. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server,
  24. as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
  25.  
  26. OpenID Connect allows clients of all types, including Web-based, mobile, and JavaScript clients,
  27. to request and receive information about authenticated sessions and end-users.
  28.  
  29. The specification suite is extensible, allowing participants to use optional features such as encryption of identity data,
  30. discovery of OpenID Providers, and session management, when it makes sense for them.
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top