1. Open APIs for Open Minds
Securing Access with Oauth2
Fernando López Aguilar, TID
(fla@tid.es, @flopezaguilar)
Javier Cerviño, Álvaro Alonso (UPM)
(jcervino@dit.upm.es, aalonsog@dit.upm.es)
9. Web Applications and GEs
8
Generic Enabler
Account
Request+
access-token
redirect
access-code
request access-token
access-token
access-token + path
OK + user info
Web App
OAuthLibrary
10. Web Applications and GEs
GET https://GE_URL HTTP/1.1
Host: GE_hostname
X-Auth-Token: access_token
9
11. AA for free!
10
Back-end Apps
Account
Request+
access-token
Web App
OauthLibrary
Proxy
redirect
access-code
request access-token
access-token
access-token + path
OK + user info