跳到主要内容

8. 参考文献

8.1. 规范性参考文献

[IANA.JWT] IANA, "JSON Web Token (JWT)", <https://www.iana.org/assignments/jwt>.

[IANA.OAuth.Parameters] IANA, "OAuth Parameters", <https://www.iana.org/assignments/oauth-parameters>.

[JWT] Jones, M., Bradley, J., and N. Sakimura, "JSON Web Token (JWT)", RFC 7519, DOI 10.17487/RFC7519, May 2015, <https://www.rfc-editor.org/info/rfc7519>.

[RFC2119] Bradner, S., "RFC 中用于表示要求级别的关键词", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>.

[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "统一资源标识符 (URI): 通用语法", STD 66, RFC 3986, DOI 10.17487/RFC3986, January 2005, <https://www.rfc-editor.org/info/rfc3986>.

[RFC6749] Hardt, D., Ed., "OAuth 2.0 授权框架", RFC 6749, DOI 10.17487/RFC6749, October 2012, <https://www.rfc-editor.org/info/rfc6749>.

[RFC7662] Richer, J., Ed., "OAuth 2.0 令牌自省", RFC 7662, DOI 10.17487/RFC7662, October 2015, <https://www.rfc-editor.org/info/rfc7662>.

[RFC8174] Leiba, B., "RFC 2119 关键词中大小写的歧义", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/info/rfc8174>.

[RFC8259] Bray, T., Ed., "JavaScript Object Notation (JSON) 数据交换格式", STD 90, RFC 8259, DOI 10.17487/RFC8259, December 2017, <https://www.rfc-editor.org/info/rfc8259>.

8.2. 资料性参考文献

[OASIS.saml-core-1.1] Maler, E., Mishra, P., and R. Philpott, "OASIS Security Assertion Markup Language (SAML) V1.1 的断言和协议", OASIS Standard oasis-sstc-saml-core-1.1, September 2003, <https://www.oasis-open.org/committees/download.php/3406/oasis-sstc-saml-core-1.1.pdf>.

[OASIS.saml-core-2.0-os] Cantor, S., Kemp, J., Philpott, R., and E. Maler, "OASIS Security Assertion Markup Language (SAML) V2.0 的断言和协议", OASIS Standard saml-core-2.0-os, March 2005, <http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf>.

[OAUTH-RESOURCE] Campbell, B., Bradley, J., and H. Tschofenig, "OAuth 2.0 的资源指示符", Work in Progress, Internet-Draft, draft-ietf-oauth-resource-indicators-08, 11 September 2019, <https://tools.ietf.org/html/draft-ietf-oauth-resource-indicators-08>.

[OAUTH-SECURITY] Lodderstedt, T., Bradley, J., Labunets, A., and D. Fett, "OAuth 2.0 安全最佳当前实践", Work in Progress, Internet-Draft, draft-ietf-oauth-security-topics-13, 8 July 2019, <https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13>.

[OpenID.Core] Sakimura, N., Bradley, J., Jones, M., de Medeiros, B., and C. Mortimore, "OpenID Connect Core 1.0", November 2014, <https://openid.net/specs/openid-connect-core-1_0.html>.

[RFC6750] Jones, M. and D. Hardt, "OAuth 2.0 授权框架: Bearer Token 用法", RFC 6750, DOI 10.17487/RFC6750, October 2012, <https://www.rfc-editor.org/info/rfc6750>.

[RFC6755] Campbell, B. and H. Tschofenig, "用于 OAuth 的 IETF URN 子命名空间", RFC 6755, DOI 10.17487/RFC6755, October 2012, <https://www.rfc-editor.org/info/rfc6755>.

[RFC6819] Lodderstedt, T., Ed., McGloin, M., and P. Hunt, "OAuth 2.0 威胁模型与安全考量", RFC 6819, DOI 10.17487/RFC6819, January 2013, <https://www.rfc-editor.org/info/rfc6819>.

[RFC7521] Campbell, B., Mortimore, C., Jones, M., and Y. Goland, "OAuth 2.0 客户端认证和授权许可的断言框架", RFC 7521, DOI 10.17487/RFC7521, May 2015, <https://www.rfc-editor.org/info/rfc7521>.

[RFC7523] Jones, M., Campbell, B., and C. Mortimore, "用于 OAuth 2.0 客户端认证和授权许可的 JSON Web Token (JWT) Profile", RFC 7523, DOI 10.17487/RFC7523, May 2015, <https://www.rfc-editor.org/info/rfc7523>.

[WS-Trust] Nadalin, A., Ed., Goodner, M., Ed., Gudgin, M., Ed., Barbir, A., Ed., and H. Granqvist, Ed., "WS-Trust 1.4", February 2012, <https://docs.oasis-open.org/ws-sx/ws-trust/v1.4/ws-trust.html>.