====== Interaction flow for DokuWiki OAuth ======

~~DRAFT~~
<note>Work in progress</note>

^Info ^ Client/Consumer ^ Server/Service Provider (SP) ^
|use-case| Client wants to make requests to SP on behalf of a user without knowing his/her password at SP.| |
|one-time admin preparation step 1 | | generate/choose consumer key+secret|
|one-time admin preparation step 2 | set consumer key+secret | | 
|one-time //user// preparation step 3 | Initiate a request to SP to obtain a **Request Token**. - This redirect the user to the SP, where the user will need to log-in (if he is not already) and then authorize access for the consumer. In turn the SP will exchange the request-token with an access token.| |
| internal | save access-token for current local user | save access-token for authenticated user |
| repeatedly | sign any request with consumer key+secret and access token+secret| |