2012-08-06 99 views
4

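In both cases, user credentials are being exchanged for an access token. Can someone explain the difference? OAuth 2 - What is the difference between the 'Username and Password Flow' and the 'Client Credentials Flow'?

This is from http://hueniverse.com: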

• User-Agent Flow – for clients running inside a user-agent (typically a web browser). 
• Web Server Flow – for clients that are part of a web server application, accessible via HTTP requests. This is a simpler version of the flow provided by OAuth 1.0. 
• Device Flow – suitable for clients executing on limited devices, but where the end-user has separate access to a browser on another computer or device. 
• Username and Password Flow – used in cases where the user trusts the client to handle its credentials but it is still undesirable for the client to store the user’s username and password.  This flow is only suitable when there is a high degree of trust between the user and the client. 
• Client Credentials Flow – the client uses its credentials to obtain an access token. This flow supports what is known as the 2-legged scenario. 
• Assertion Flow – the client presents an assertion such as a SAML assertion to the authorization server in exchange for an access token. 

Answer

7

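You are mixing up client and user in the description of the credentials flows here.

The client in an OAuth context always refers to the application that is being authorized. So the client credentials flow is where the application authorizes itself directly to the provider without needing any input from the user (also called the 2-legged flow, since only two parties are involved).

The username and password flow is a 3-legged flow. The user gives their username and password to the application, and the application then uses those credentials to request data from the provider.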

+0

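Ah, thank you - that makes more sense than what the spec provides - I think the chosen terminology is confusing because the definitions change with context – schmoopy 2012-08-06 21:47:25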
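The difference described in the answer, as an added example that is not part of the original post: a toy token endpoint in Python that accepts both grants, using the `grant_type` values `client_credentials` and `password` and the error codes from the final OAuth 2.0 specification (RFC 6749). The client, the user, their secrets and the `token_endpoint` and `basic_auth` helpers are constructed for illustration.

```python
# Added illustration; names and secrets below are constructed sample values.
import base64
import hmac
from urllib.parse import parse_qs, urlencode

CLIENTS = {"reporting-app": "client-secret-123"}   # constructed client registry
USERS = {"alice": "alice-password"}                # constructed user store

def _check(store, name, secret):
    """Constant-time comparison against the stored secret."""
    expected = store.get(name)
    return expected is not None and hmac.compare_digest(
        expected.encode(), secret.encode())

def basic_auth(client_id, client_secret):
    """Authorization header the client uses to authenticate itself."""
    raw = f"{client_id}:{client_secret}".encode()
    return "Basic " + base64.b64encode(raw).decode()

def token_endpoint(authorization, body):
    """Toy token endpoint: reports who the issued token would act for."""
    scheme, _, b64 = authorization.partition(" ")
    if scheme != "Basic":
        return {"error": "invalid_client"}
    client_id, _, client_secret = base64.b64decode(b64).decode().partition(":")
    if not _check(CLIENTS, client_id, client_secret):
        return {"error": "invalid_client"}
    form = {k: v[0] for k, v in parse_qs(body).items()}
    grant = form.get("grant_type")
    if grant == "client_credentials":
        # Two parties: the client is the caller and also the token's subject.
        return {"client": client_id, "subject": client_id, "parties": 2}
    if grant == "password":
        # Three parties: the client relays credentials the user handed to it.
        user = form.get("username", "")
        if not _check(USERS, user, form.get("password", "")):
            return {"error": "invalid_grant"}
        return {"client": client_id, "subject": user, "parties": 3}
    return {"error": "unsupported_grant_type"}

auth = basic_auth("reporting-app", "client-secret-123")
client_only = token_endpoint(auth, urlencode({"grant_type": "client_credentials"}))
on_behalf = token_endpoint(auth, urlencode(
    {"grant_type": "password", "username": "alice", "password": "alice-password"}))
```

In both requests the client authenticates itself; only the password grant also carries a user's credentials, and only then is the token's subject someone other than the client.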
