Mastering OAuth 2.0 : create powerful applications to interact with popular service providers such as Facebook, Google, Twitter, and more by leveraging the OAuth 2.0 Authorization Framework /
Create powerful applications to interact with popular service providers such as Facebook, Google, Twitter, and more by leveraging the OAuth 2.0 Authorization FrameworkAbout This Book Learn how to use the OAuth 2.0 protocol to interact with the world's most popular service providers, such as Fac...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
Birmingham, UK :
Packt Publishing,
2015.
|
Colección: | Community experience distilled.
|
Temas: | |
Acceso en línea: | Texto completo Texto completo |
Tabla de Contenidos:
- Cover ; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Why Should I Care About OAuth 2.0? ; Authentication versus authorization; Authentication; Authorization; What problems does it solve?; Federated identity; Delegated authority; Real-life examples of OAuth 2.0 in action; How does OAuth 2.0 actually solve the problem?; Without OAuth 2.0
- GoodApp wants to suggest contacts by looking at your Facebook friends; With OAuth 2.0
- GoodApp wants to suggest contacts by looking at your Facebook friends; Who uses OAuth 2.0?
- Introducing ""The World's Most Interesting Infographic Generator""Summary; Chapter 2: A Bird's Eye View of OAuth 2.0; How does it work?; User consent; Two main flows for two main types of client; Trusted versus untrusted clients; First look at the client-side flow; An untrusted client
- GoodApp requests access for user's Facebook friends using implicit grant; The big picture; When should this be used?; Pros and cons of being an untrusted client; Pros; Cons; First look at the server-side flow.
- A trusted client
- GoodApp requests access for user's Facebook friends using authorization code grantThe big picture; When should this be used?; Pros and cons of being a trusted client; Pros; Cons; What are the differences?; What about mobile?; Summary; Chapter 3: Four Easy Steps; Let's get started; Step 1
- Register your client application; Different service providers, different registration process, same OAuth 2.0 protocol; Your client credentials; Step 2
- Get your access token; A closer look at access tokens; Scope; Duration of access; Token revocation; Sometimes a refresh token.
- Step 3
- Use your access tokenAn access token is an access token; Step 4
- Refresh your access token; What if I don't have a refresh token?; Refresh tokens expire too; Putting it all together; Summary; Chapter 4: Register Your Application; Recap of registration process; Registering your application with Facebook; Creating your application; Setting your redirection endpoint; What is a redirection endpoint?; Find your service provider's authorization and token endpoints; Putting it all together!; Summary; Chapter 5: Get an Access Token with the Client-Side Flow.
- Refresher on the implicit grant flowA closer look at the implicit grant flow; Authorization request; According to the specification; In our application; Access token response; Success; Error; Let's build it!; Build the base application; Install Apache Maven; Create the project; Configure base project to fit our application; Modify the hosts file; Running it for the first time; Make the authorization request; Handle the access token response; Summary; Reference pages; Authorization request; Access token response; Error response; Chhapter 6: Get an Access Token with the Server-Side Flow.