The client recomputes the MAC, compares it (throwing an error if it doesn't match), extracts the ciphertext, XORs it with the derived respXORkey, then returns the authToken value.
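The verify-then-decrypt order described above, as an added example that is not code from the original page or from the project. It assumes HMAC-SHA256, a response laid out as ciphertext followed by a 32-byte MAC, and a MAC key called resp_hmac_key; random bytes stand in for the derived keys and the authToken.

```python
import hashlib
import hmac
import os

MAC_LEN = 32  # assumption: HMAC-SHA256 tag appended after the ciphertext

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands differ in length")
    return bytes(x ^ y for x, y in zip(a, b))

def seal_auth_token(auth_token: bytes, resp_hmac_key: bytes, resp_xor_key: bytes) -> bytes:
    """Server side, constructed for the demo: XOR-encrypt, then MAC the ciphertext."""
    ciphertext = xor_bytes(auth_token, resp_xor_key)
    mac = hmac.new(resp_hmac_key, ciphertext, hashlib.sha256).digest()
    return ciphertext + mac

def open_auth_token(response: bytes, resp_hmac_key: bytes, resp_xor_key: bytes) -> bytes:
    """Client side: recompute the MAC, compare it, and only then XOR-decrypt."""
    if len(response) != len(resp_xor_key) + MAC_LEN:
        raise ValueError("unexpected response length")
    ciphertext, received_mac = response[:-MAC_LEN], response[-MAC_LEN:]
    expected_mac = hmac.new(resp_hmac_key, ciphertext, hashlib.sha256).digest()
    # Constant-time comparison; a mismatch aborts before any decryption happens.
    if not hmac.compare_digest(expected_mac, received_mac):
        raise ValueError("MAC mismatch")
    return xor_bytes(ciphertext, resp_xor_key)

def demo():
    # Constructed sample values: random keys stand in for the derived ones.
    resp_hmac_key, resp_xor_key = os.urandom(32), os.urandom(32)
    auth_token = os.urandom(32)
    response = seal_auth_token(auth_token, resp_hmac_key, resp_xor_key)
    recovered = open_auth_token(response, resp_hmac_key, resp_xor_key)
    # Flip one ciphertext bit: XOR encryption is malleable, so only the MAC catches it.
    tampered = bytes([response[0] ^ 0x01]) + response[1:]
    try:
        open_auth_token(tampered, resp_hmac_key, resp_xor_key)
        rejected = False
    except ValueError:
        rejected = True
    return recovered == auth_token, rejected

if __name__ == "__main__":
    print(demo())
```

Without the MAC check, the flipped bit would pass straight through the XOR and yield an authToken that differs from the real one in exactly that bit.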
= After Login: Using the authToken =
After the authToken is acquired, the client can create a session and fetch the encryption keys. The high-level flow looks like this:
[[File:PICL-IdPAuth-session-start.png|Using the authToken]]
= Creating a Session =