Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering OAuth 2.0
  • Table Of Contents Toc
Mastering OAuth 2.0

Mastering OAuth 2.0

By : Charles Bihis
3.5 (6)
close
close
Mastering OAuth 2.0

Mastering OAuth 2.0

3.5 (6)
By: Charles Bihis

Overview of this book

OAuth 2.0 is a powerful authentication and authorization framework that has been adopted as a standard in the technical community. Proper use of this protocol will enable your application to interact with the world's most popular service providers, allowing you to leverage their world-class technologies in your own application. Want to log your user in to your application with their Facebook account? Want to display an interactive Google Map in your application? How about posting an update to your user's LinkedIn feed? This is all achievable through the power of OAuth. With a focus on practicality and security, this book takes a detailed and hands-on approach to explaining the protocol, highlighting important pieces of information along the way. At the beginning, you will learn what OAuth is, how it works at a high level, and the steps involved in creating an application. After obtaining an overview of OAuth, you will move on to the second part of the book where you will learn the need for and importance of registering your application and types of supported workflows. You will discover more about the access token, how you can use it with your application, and how to refresh it after expiration. By the end of the book, you will know how to make your application architecture robust. You will explore the security considerations and effective methods to debug your applications using appropriate tools. You will also have a look at special considerations to integrate with OAuth service providers via native mobile applications. In addition, you will also come across support resources for OAuth and credentials grant.
Table of Contents (17 chapters)
close
close
11
11. Tooling and Troubleshooting
16
Index

Reference pages


Use these pages as reference documentation when requesting access to a protected resource in your application. Adapted from The OAuth 2.0 Authorization Framework: Bearer Token Usage specification [RFC 6750].

An overview of protected resource access

Figure 1 from RFC 6750

The workflow for accessing a protected resource is described by steps (E) and (F), detailed as follows:

  • E: The client requests the protected resource from the resource server and authenticates by presenting the access token.

  • F: The resource server validates the access token, and if valid, serves the request.

The authorization request header field

When sending the access token in a protected resource access request using the authorization request header field method, an Authorization header must be added with its value set as the token type, which is bearer, followed by the token value.

An example of a protected resource access request using this method is:

     GET /resource HTTP/1.1
     Host: server.example.com...
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Mastering OAuth 2.0
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon