Using web-based identity providers
The WebRTC API has some methods to provide the web-based identity and SSO (Single Sign-On) mechanism.
As you know from Chapter 1, Developing a WebRTC Application, there are two entities in the scope of a peer-to-peer connection establishing mechanism: offer and answer. Both of these entities can be authenticated by using the web-based identity providers as far as the channels are established using the RTCPeerConnection method.
The key idea is that the side that sends the offer/answer also acts as the Authenticating Party (AP) and obtains an identity assertion from the IdP (identity provider) which then attaches it to the offer/answer entity. Next, the remote peer (the consumer of the offer/answer entity) acts as the Relying Party (RP) and verifies the assertion. Such magic with the IdP is designed to decouple the web browser from any particular identity provider. The web browser should only know how to load the IdP's JavaScript (which is dependent on the...
