Cover
Copyright page
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Chapter 1. Why Should I Care About OAuth 2.0?
Authentication versus authorization
What problems does it solve?
How does OAuth 2.0 actually solve the problem?
Who uses OAuth 2.0?
Introducing "The World's Most Interesting Infographic Generator"
Summary
Chapter 2. A Bird's Eye View of OAuth 2.0
How does it work?
First look at the client-side flow
First look at the server-side flow
What are the differences?
What about mobile?
Summary
Chapter 3. Four Easy Steps
Let's get started
Step 1 – Register your client application
Step 2 – Get your access token
Step 3 – Use your access token
Step 4 – Refresh your access token
Putting it all together
Summary
Chapter 4. Register Your Application
Recap of registration process
Registering your application with Facebook
Putting it all together!
Summary
Chapter 5. Get an Access Token with the Client-Side Flow
Refresher on the implicit grant flow
A closer look at the implicit grant flow
Let's build it!
Summary
Reference pages
Chapter 6. Get an Access Token with the Server-Side Flow
Refresher on the authorization code grant flow
A closer look at the authorization code grant flow
Let's build it!
Summary
Reference pages
Chapter 7. Use Your Access Token
Refresher on access tokens
Use your access token to make an API call
Let's build it!
Creating the world's most interesting infographic
Summary
Reference pages
Chapter 8. Refresh Your Access Token
A closer look at the refresh token flow
What if I have no refresh token? Or my refresh token has expired?
The ideal workflow
Summary
Reference pages
Chapter 9. Security Considerations
What's at stake?
Security best practices
Common attacks
Summary
Chapter 10. What About Mobile?
What is a mobile application?
What flow should we use for mobile applications?
Hybrid architectures
Authorization via application instead of user-agent
Summary
Chapter 11. Tooling and Troubleshooting
Tools
Troubleshooting
Summary
Chapter 12. Extensions to OAuth 2.0
Extensions to the OAuth 2.0 framework
OpenID Connect
Summary
Appendix A. Resource Owner Password Credentials Grant
When should you use it?
Reference pages
Appendix B. Client Credentials Grant
When should you use it?
Reference pages
Overview of the client credentials grant
Appendix C. Reference Specifications
The OAuth 2 Authorization Framework
The OAuth 2 Authorization Framework: Bearer Token Usage
OAuth 2.0 Token Revocation
OAuth 2.0 Threat Model and Security Considerations
Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants
Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants
JSON Web Token (JWT)
JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
OpenID Connect Core 1.0
HTTP Authentication: Basic and Digest Access Authentication
Index
Updated: 2021-07-30 10:05:29