### OpenID (não "OpenID Connect") { #openid-not-openid-connect }

Houve também uma especificação “OpenID”. Ela tentou resolver a mesma coisa que a **OpenID Connect**, mas não baseada em OAuth2.

Então, ela foi um sistema adicional completo.

Ela não é muito popular ou usada nos dias de hoje.

## OpenAPI { #openapi }

	Notify notify.Config `json:"notify"`

	// Logger configuration
	Logger logger.Config `json:"logger"`

	// Compression configuration
	Compression compress.Config `json:"compress"`

	// OpenID configuration
	OpenID openid.Config `json:"openid"`

	// External policy enforcements.
	Policy struct {
		// OPA configuration.
		OPA opa.Args `json:"opa"`

		// Add new external policy enforcements here.
	} `json:"policy"`

///

## OpenID Connect { #openid-connect }

OpenID Connect는 **OAuth2**를 기반으로 한 또 다른 명세입니다.

OAuth2에서 비교적 모호한 부분을 일부 구체화하여 상호 운용성을 높이려는 확장입니다.

예를 들어, Google 로그인은 OpenID Connect를 사용합니다(내부적으로는 OAuth2를 사용).

하지만 Facebook 로그인은 OpenID Connect를 지원하지 않습니다. 자체적인 변형의 OAuth2를 사용합니다.

### OpenID("OpenID Connect"가 아님) { #openid-not-openid-connect }

//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package openid

import "github.com/minio/minio/internal/config"

// Help template for OpenID identity feature.
var (
	defaultHelpPostfix = func(key string) string {
		return config.DefaultHelpPostfix(DefaultKVS, key)
	}

	Help = config.HelpKVS{
		config.HelpKV{

///

## OpenID Connect { #openid-connect }

OpenID Connectは、**OAuth2**をベースにした別の仕様です。

これはOAuth2を拡張したもので、OAuth2ではやや曖昧だった部分を明確にし、より相互運用性を高めようとしたものです。

例として、GoogleのログインはOpenID Connectを使用しています（これはOAuth2がベースになっています）。

しかし、FacebookのログインはOpenID Connectをサポートしていません。OAuth2を独自にアレンジしています。

### OpenID (「OpenID Connect」ではない) { #openid-not-openid-connect }

		return ErrAdminConfigIDPCfgNameDoesNotExist
	}
	return ErrNone
}

// AddIdentityProviderCfg: adds a new IDP config for openid/ldap.
//
// PUT <admin-prefix>/idp-cfg/openid/dex1 -> create named config `dex1`
//
// PUT <admin-prefix>/idp-cfg/openid/_ -> create (default) named config `_`
func (a adminAPIHandlers) AddIdentityProviderCfg(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()

import org.lastaflute.web.login.credential.LoginCredential;

/**
 * OpenID Connect credential implementation.
 */
public class OpenIdConnectCredential implements LoginCredential, FessCredential {

    private final Map<String, Object> attributes;

    /**
     * Creates a new OpenID Connect credential.
     *
     * @param attributes the attributes from OpenID Connect provider
     */

		if !ok {
			return errors.New("STS JWT Token has `azp` claim invalid, `azp` must match configured OpenID Client ID")
		}
		if !azpValues.Contains(pCfg.ClientID) {
			return errors.New("STS JWT Token has `azp` claim invalid, `azp` must match configured OpenID Client ID")
		}
	}

	return nil
}

from starlette.exceptions import HTTPException
from starlette.requests import Request
from starlette.status import HTTP_401_UNAUTHORIZED


class OpenIdConnect(SecurityBase):
    """
    OpenID Connect authentication class. An instance of it would be used as a
    dependency.

    **Warning**: this is only a stub to connect the components with OpenAPI in FastAPI,

    protected static final String OIC_REDIRECT_URL = "oic.redirect.url";

    /** Configuration key for OpenID Connect token server URL. */
    protected static final String OIC_TOKEN_SERVER_URL = "oic.token.server.url";

    /** Configuration key for OpenID Connect client secret. */
    protected static final String OIC_CLIENT_SECRET = "oic.client.secret";