Everything OAuth

•

10 recomendaciones•3,588 vistas

A presentation given at Codebits 2010 about everything related to OAuth. I didn't go into any deep technical details as I tried to cover most OAuth related topics.

Tecnología Desarrollo personal

Más contenido relacionado

Destacado

Native Cross-Platform-Apps mit Titanium Mobile und AlloyMayflower GmbH

Test-Driven JavaScript Development IPCMayflower GmbH

Mongo DB - Segen oder FluchMayflower GmbH

Api Design & The Paris SubwayBruno Pedro

Activity Streams And ContextsBruno Pedro

Maintainable consumersBruno Pedro

Shoeism - Frau im GlückMayflower GmbH

Autenticação e Autorização (in portuguese)Bruno Pedro

Plugging holes — javascript memory leak debuggingMayflower GmbH

Who's using your API?Bruno Pedro

Salt and pepper — native code in the browser Browser using Google native ClientMayflower GmbH

APIs Love to ChatBruno Pedro

How to Automate API DiscoveryBruno Pedro

The importance of /meBruno Pedro

Is OAuth Really Secure?Bruno Pedro

Information Retrieval ChallengesBruno Pedro

API Code GenerationBruno Pedro

Why and what is goMayflower GmbH

Piwik anpassen und skalierenMayflower GmbH

Asynchronous Microservices in nodejsBruno Pedro

Destacado (20)

Native Cross-Platform-Apps mit Titanium Mobile und Alloy

Test-Driven JavaScript Development IPC

Mongo DB - Segen oder Fluch

Api Design & The Paris Subway

Activity Streams And Contexts

Maintainable consumers

Shoeism - Frau im Glück

Autenticação e Autorização (in portuguese)

Plugging holes — javascript memory leak debugging

Who's using your API?

Salt and pepper — native code in the browser Browser using Google native Client

APIs Love to Chat

How to Automate API Discovery

The importance of /me

Is OAuth Really Secure?

Information Retrieval Challenges

API Code Generation

Why and what is go

Piwik anpassen und skalieren

Asynchronous Microservices in nodejs

Más de Bruno Pedro

What are Web APIsBruno Pedro

Growing your business with an APIBruno Pedro

Product growth with an APIBruno Pedro

How to grow your business with an APIBruno Pedro

How to Automate API TestingBruno Pedro

OAuth checklistBruno Pedro

OOP (in portuguese)Bruno Pedro

Segurança (in portuguese)Bruno Pedro

Cache e Performance (in portuguese)Bruno Pedro

Web Services (in portuguese)Bruno Pedro

Sessões (in portuguese)Bruno Pedro

User Interface (in portuguese)Bruno Pedro

Takeoff2008Bruno Pedro

Más de Bruno Pedro (13)

What are Web APIs

Growing your business with an API

Product growth with an API

How to grow your business with an API

How to Automate API Testing

OAuth checklist

OOP (in portuguese)

Segurança (in portuguese)

Cache e Performance (in portuguese)

Web Services (in portuguese)

Sessões (in portuguese)

User Interface (in portuguese)

Takeoff2008

Último

Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst

Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4

How to Remove Document Management Hurdles with X-Docs?XfilesPro

[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745

Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies

Slack Application Development 101 Slidespraypatel2

SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j

Salesforce Community Group Quito, Salesforce 101Paola De la Torre

08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls

The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los

Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK

Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies

Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software

Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard

08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls

Install Stable Diffusion in windows machinePadma Pradeep

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski

Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik

Scaling API-first – The story of a global engineering organizationRadu Cotescu

SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren

Notas del editor

Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Blaine Cook from twitter, Chris Messina, David Recordon,Larry Halff from magnolia and others
RFC only published in April 2010
Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Example from twitter connections settings
Example from facebook where you can revoke apps and also individual permissions
Example from facebook where you can revoke apps and also individual permissions
Let&#x2019;s see an example (next slide)
OOB = Out of Band aka PIN OAuth
Consumer sends along info about service provider and asks to verify credentials
OAuthpocalypse happened on August 31st 2010
Prevents man-in-the-middle attack
SAML: Security Assertion Markup Language