Yadis 1.0 (HTML) – Yadis (captured Jun 30 ’08): my translation / my notes

Translation of and notes on Yadis 1.0 (HTML) – Yadis.

6 The Yadis Protocol

 


6.1 Overview of the Yadis Protocol

The purpose of the Yadis protocol is to enable a Relying Party to obtain a Yadis Resource Descriptor that describes the services available using a Yadis ID. (A protocol for the RP to obtain a Yadis Resource Descriptor. The Yadis Resource Descriptor describes the services indicated by the Yadis ID.)

  • Yadis protocol
  • RP
  • Yadis Resource Descriptor
  • Yadis ID

 


6.1.1 Obtaining the Yadis Resource Descriptor

When a User offers a Yadis ID to a Relying Party, that Relying Party will want to discover which services are available using that Yadis ID.

Examples:

Is it an OpenID URL, an XRI, a LID, or …?
What authentication services are available for this Yadis ID?
What other services?

To do that, the Relying Party Agent makes an HTTP request. This request may take any one of several forms, specified in Clause 6.2.3 of this Yadis Specification.

In response to the request, the Relying Party Agent obtains either:

  1. A Yadis document
  2. A URL that locates a Yadis document.

If the Relying Party Agent obtains a URL, the Relying Party Agent uses that URL to obtain the Yadis document.

The Yadis document contains a Yadis Resource Descriptor, which identifies the services available using that Yadis ID, including services that can authenticate the User.

For a description of the Yadis document, see Clause 7, Yadis document.

 


6.1.2 Authentication services

The Yadis protocol was originally intended to be used to discover authentication services that can be used with a Yadis ID. This Specification enables discovery of other services.

This Specification does not prescribe the operation of authentication services. Authentication is performed using one or more discovered services. The Relying Party Agent uses the information in the Yadis Resource Descriptor to choose a service suitable to its purposes, and uses that service to authenticate the user.

 


6.1.3 Other services

Yadis resources offer other services, in addition to authentication. These services are identified in the Yadis Resource Descriptor and each service operates according to the specification of that particular Yadis service.

Example:

LID defines a RESTful protocol that allows the structured query of data about the Yadis User. LID Profile Exchange can be offered as a Yadis Service.

 


6.2 Protocol Specification

The HTTP protocol MUST be used for all interactions of the Yadis protocol.

If the scheme name of a Yadis URL is ‘https’, HTTP must be used, in accordance with current conventions, so that the session data is encrypted using a version of the Transport Layer Security or Secure Socket Layer protocols.

 


6.2.1 Yadis ID

A Yadis ID is an identifier used by one or more Yadis Services. A Yadis ID MAY be a URL; it MUST be an identifier that is resolvable to a URL.

Note:

This Specification does not require a Relying Party Agent to resolve an XRI or other identifier. Some Relying Party Agents may work only when the Yadis ID is a URL. (XRI is not required; some RP agents can resolve only URLs.)

 

6.2.2 Yadis URL

If a Yadis ID is a URL, it is a Yadis URL; if it is not a URL, the URL to which it resolves is the corresponding Yadis URL. The scheme name of a Yadis URL must be ‘http’ or ‘https’.

 


6.2.3 Alternatives

A Relying Party Agent MAY use the YADIS URL to make an HTTP GET request. The response MAY contain, in an HTTP response-header or in an HTML document, a Resource Descriptor URL giving the location of the YADIS document. If it does, the Relying Party Agent then obtains the YADIS document using that URL.

The Yadis Protocol also includes two alternatives:

The Relying Party Agent MAY first issue an HTTP HEAD request. In that case, the Resource Descriptor URL MAY be returned in an HTTP response-header. (The RP agent may issue a HEAD request. The response header contains the Resource Descriptor URL.)
The Relying Party Agent MAY include in the HTTP GET request an Accept request-header asking for the Yadis document to be returned. In that case the Yadis document MAY be returned in response to that request, instead of an HTML document. (A GET may carry an Accept request-header to receive the Yadis document. In that case the response is a Yadis document, not HTML.)

Note:

If the server supports content negotiation for the Yadis URL, the response needs to include a Vary: Accept header to allow caches to properly interpret future requests. This header needs to be present even in the case where the HTML page is returned (instead of a Yadis document).

The following Clauses specify the steps of the Yadis Protocol.

 


6.2.4 Initiation

The Yadis Protocol is initiated by the Relying Party Agent with an initial HTTP request using the Yadis URL.

This request MUST be either a GET or a HEAD request.

A GET or HEAD request MAY include an HTTP Accept request-header (HTTP 14.1) specifying MIME media type, application/xrds+xml.

The Yadis protocol starts when the RP initiates an HTTP request using the Yadis URL. The request must be a GET or a HEAD. An Accept header (HTTP 14.1) may be specified with the MIME media type application/xrds+xml.


6.2.5 Response

The response MUST be one of:

  1. An HTML document with a <head> element that includes a <meta> element with http-equiv attribute, X-XRDS-Location,
  2. HTTP response-headers that include an X-XRDS-Location response-header, together with a document
  3. HTTP response-headers only, which MAY include an X-XRDS-Location response-header, a content-type response-header specifying MIME media type, application/xrds+xml, or both.
  4. A document of MIME media type, application/xrds+xml.


 
Example of 1:

<html>
  <head>
    <link rel="openid2.provider openid.server" href="http://openid.centos.hdknr/server/server.php"/>
    <meta http-equiv="X-XRDS-Location" content="http://openid.centos.hdknr/server/server.php/userXrds?user=hdknr" />
  </head>
  <body>
    This is the identity page for users of this server.
  </body>
</html>

 

6.2.6 Resource Descriptor URL

The response MAY include an X-XRDS-Location HTTP response-header; the value of that header MUST be a Yadis Resource Descriptor URL.

The response MAY include an HTML document with a <head> element containing a <meta> element whose http-equiv attribute is X-XRDS-Location; the value of that attribute MUST be a Yadis Resource Descriptor URL.

If the response includes Yadis Resource Descriptor URLs in both an HTTP response-header and an HTML document <head> element, the Yadis Resource Descriptor URL in the HTTP response-header must be used. (If the URL appears in both the response header and the HTML <head/>, use the URL in the response header.)

A Yadis Resource Descriptor URL MUST be an absolute URL; it MUST locate a Yadis document (see Clause 7).

If the response includes both a content-type response-header specifying MIME media type, application/xrds+xml and a Yadis Resource Descriptor URL, then the Yadis document is located by that Yadis Resource Descriptor URL.

 


6.2.7 Document

If the response does not include a Yadis Resource Descriptor URL and the response is a document of MIME media type application/xrds+xml, then that document MUST be a Yadis document (see Clause 7).

 


6.2.8 Second Request

If the response includes a Yadis Resource Descriptor URL, the Relying Party Agent MUST request the document located by that URL. (If the response contains a Yadis Resource Descriptor URL, the RP must request the document at that URL.)

If the response to an HTTP HEAD request does not contain a Yadis Resource Descriptor URL, the Relying Party Agent MUST then issue an HTTP GET request to the Yadis URL.

 


6.2.9 Third Request

The response to an HTTP GET request that follows an HTTP HEAD request MUST be handled as prescribed in 6.2.6 for an initial HTTP GET request. This MAY result in a third request using a Yadis Resource Descriptor URL.

 


6.2.10 Termination

When a Yadis document is returned to the Relying Party Agent the Yadis Protocol terminates. (When a Yadis document is returned to the RP, the Yadis protocol ends.)

Note:

Further steps depend on the services identified in the Yadis Resource Descriptor and the intent of the Relying Party Agent; they are outside of the scope of the current Yadis Specification.

Example:

A Relying Party Agent may, in the next step, authenticate the user agent through OpenID and then perform a LID Profile Exchange.

 


6.2.11 Failure

If none of the requests succeed in obtaining a Yadis document then the URL used in the initial request is not a Yadis URL or there has been a failure. (If no Yadis document comes back, either the initial URL is not a Yadis URL or a failure has occurred.)
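The per-response decision described in 6.2.5 through 6.2.11, as an added example that is not part of the specification or the original post. The names `next_step` and `_MetaFinder` are hypothetical, and accepting only http/https descriptor URLs is this example's reading of 6.2 ("HTTP MUST be used for all interactions"), not a rule quoted from 6.2.6.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

XRDS_TYPE = "application/xrds+xml"
LOCATION = "x-xrds-location"
# Constructed sample, modelled on the page's example for response form 1.
SAMPLE_HTML = ('<html><head><meta http-equiv="X-XRDS-Location" content='
               '"http://openid.centos.hdknr/server/server.php/userXrds?user=hdknr" />'
               '</head><body>identity page</body></html>')

class _MetaFinder(HTMLParser):
    """Finds the first <meta http-equiv="X-XRDS-Location"> inside <head>."""
    def __init__(self):
        super().__init__()
        self.in_head, self.url = False, None

    def handle_starttag(self, tag, attrs):
        if tag == "head":
            self.in_head = True
        elif tag == "meta" and self.in_head and self.url is None:
            a = dict(attrs)
            if (a.get("http-equiv") or "").lower() == LOCATION:
                self.url = a.get("content") or ""

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False

def _acceptable(url):
    # 6.2.6: absolute URL. Assumption: http/https only, since 6.2 requires HTTP.
    parts = urlsplit(url)
    return parts.scheme in ("http", "https") and bool(parts.netloc)

def next_step(method, headers, body=""):
    """Return ('fetch', url), ('document', body), ('get', None) or ('fail', why)."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    url = h.get(LOCATION)                    # header beats <meta> (6.2.6)
    if url is None and method == "GET" and ctype != XRDS_TYPE:
        finder = _MetaFinder()
        finder.feed(body)
        url = finder.url
    if url is not None:                      # 6.2.8: second (or third) request
        return ("fetch", url) if _acceptable(url) else ("fail", "bad descriptor URL")
    if method == "HEAD":                     # 6.2.8: HEAD without URL -> GET
        return ("get", None)
    if ctype == XRDS_TYPE:                   # 6.2.7 / 6.2.10: done
        return ("document", body)
    return ("fail", "not a Yadis URL or failure")   # 6.2.11
```

A `<meta>` element outside `<head>` is ignored on purpose: 6.2.5 only recognises the element inside `<head>`, and body markup is more likely to be user-controlled content.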

 
 

 
