reklama - zainteresowany?

Getting Started with OAuth 2.0 - Helion

Getting Started with OAuth 2.0
ebook
Autor: Ryan Boyd
ISBN: 978-14-493-3161-0
stron: 82, Format: ebook
Data wydania: 2012-02-22
Księgarnia: Helion

Cena książki: 63,74 zł (poprzednio: 74,99 zł)
Oszczędzasz: 15% (-11,25 zł)

Dodaj do koszyka Getting Started with OAuth 2.0

Osoby, które kupiÅ‚y tÄ™ książkÄ™, wybieraÅ‚y także »

Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application.

Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.

  • Understand OAuth 2.0’s role in authentication and authorization
  • Learn how OAuth’s Authorization Code flow helps you integrate data from different business applications
  • Discover why native mobile apps use OAuth differently than mobile web apps
  • Use OpenID Connect and eliminate the need to build your own authentication system

Dodaj do koszyka Getting Started with OAuth 2.0

 

Osoby które kupowały "Getting Started with OAuth 2.0", wybierały także:

  • Windows Media Center. Domowe centrum rozrywki
  • Ruby on Rails. Ćwiczenia
  • DevOps w praktyce. Kurs video. Jenkins, Ansible, Terraform i Docker
  • Przywództwo w Å›wiecie VUCA. Jak być skutecznym liderem w niepewnym Å›rodowisku
  • Scrum. O zwinnym zarzÄ…dzaniu projektami. Wydanie II rozszerzone

Dodaj do koszyka Getting Started with OAuth 2.0

Spis treści

Getting Started with OAuth 2.0. Programming Clients for Secure Web API Authorization and Authentication eBook -- spis treści

  • Getting Started with OAuth 2.0
  • SPECIAL OFFER: Upgrade this ebook with OReilly
  • A Note Regarding Supplemental Files
  • Preface
    • Conventions Used in This Book
    • Using Code Examples
    • Safari Books Online
    • How to Contact Us
    • Acknowledgments
  • 1. Introduction
    • How OAuth Was Born
    • Why Developers Should Care About OAuth
    • Why Dont These APIs Just Use Passwords for Authorization?
    • Terminology
      • Authentication
      • Federated Authentication
      • Authorization
      • Delegated Authorization
      • Roles
    • The Great Debate over Signatures
      • Mitigating Concerns with Bearer Tokens
      • Signing Your OAuth 2.0 Requests
        • Getting the key
        • Making API requests
    • Developer and Application Registration
      • Why Is Registration Necessary?
    • Client Profiles, Access Tokens, and Authorization Flows
      • Client Profiles
      • Access Tokens
      • Authorization Flows
  • 2. Server-Side Web Application Flow
    • When Should the Authorization Code Flow Be Used?
    • Security Properties
    • User Experience
    • Step-by-Step
      • Step 1: Let the user know what youre doing and request authorization
        • Error handling
      • Step 2: Exchange authorization code for an access token
        • Why both access tokens and refresh tokens?
      • Step 3: Call the API
        • Error handling
      • Step 4a: Refresh the access token
      • Step 4b: Obtaining a new access token
    • How Can Access Be Revoked?
  • 3. Client-Side Web Applications Flow
    • When Should the Implicit Grant Flow Be Used?
    • Limitations of the Implicit Grant Flow
    • Security Properties
    • User Experience
    • Step-by-Step
      • Step 1: Let the user know what youre doing and request authorization
        • Error handling
      • Step 2: Parsing the access token from the URL
      • Step 3: Call the API
      • Step 4: Refreshing the access token
    • How Can Access Be Revoked?
  • 4. Resource Owner Password Flow
    • When Should the Resource Owner Password Flow Be Used?
    • Security Properties
    • User Experience
    • Step-by-Step
      • Step 1: Ask the user for their credentials
      • Step 2: Exchange the credentials for an access token
      • Step 3: Call the API
      • Step 4: Refresh the access token
  • 5. Client Credentials Flow
    • When Should the Client Credentials Flow Be Used?
    • What APIs Support the Client Credentials Flow?
    • How Does the Client Authenticate?
    • Security Properties
    • Step-by-Step
      • Step 1: Exchange the applications credentials for an access token
      • Step 2: Call the API
    • When the Access Token Expires
  • 6. Getting Access to User Data from Mobile Apps
    • Why You Should Use OAuth for Native Mobile Apps
    • What Flow Should Be Used for Native Mobile Apps?
      • Do You Have a Mobile Backend Web Server for Your Application?
    • The (Ugly) Web Browser
      • Embedded WebView
      • System Web Browser
    • Enhanced Mobile App Authorization for Specific Providers
      • For Google
      • For Facebook
  • 7. OpenID Connect Authentication
    • ID Token
    • Security Properties
    • Obtaining User Authorization
    • Check ID Endpoint
    • UserInfo Endpoint
    • Performance Improvements
    • Practical OpenID Connect
      • For Google
      • For Facebook
    • OpenID Connect Evolution
  • 8. Tools and Libraries
    • Googles OAuth 2.0 Playground
    • Googles TokenInfo Endpoint
    • Apigees Console
    • Facebooks Access Token Tool and Access Token Debugger
    • Libraries
    • Going Further
  • A. References
    • Specifications
    • Vendor Documentation
    • Mailing Lists
    • Misc
  • About the Author
  • SPECIAL OFFER: Upgrade this ebook with OReilly

Dodaj do koszyka Getting Started with OAuth 2.0

Code, Publish & WebDesing by CATALIST.com.pl



(c) 2005-2024 CATALIST agencja interaktywna, znaki firmowe należą do wydawnictwa Helion S.A.