OAuth 2 in action / Justin Richer, Antonio Sanso ; foreword by Ian Glazer.

Format:

Book

Author/Creator:

Richer, Justin, author.

Sanso, Antonio, author.

Contributor:

Glazer, Ian, writer of foreword.

Language:

English

Subjects (All):

Application program interfaces (Computer software).

World Wide Web--Security measures.

World Wide Web.

Web services--Access control.

Web services.

Data protection.

OAuth.

Physical Description:

1 online resource (1 volume) : illustrations

Edition:

1st edition

Other Title:

OAuth two in action

Place of Publication:

Shelter Island, New York : Manning Publications, [2017]

System Details:

text file

Summary:

Summary OAuth 2 in Action teaches you the practical use and deployment of this HTTP-based protocol from the perspectives of a client, authorization server, and resource server. You’ll learn how to confidently and securely build and deploy OAuth on both the client and server sides. About the Technology Think of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services. About the Book OAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You’ll begin with an overview of OAuth and its components and interactions. Next, you’ll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you’ll dig into tokens, dynamic client registration, and more advanced topics. By the end, you’ll be able to confidently and securely build and deploy OAuth on both the client and server sides. What’s Inside Covers OAuth 2 protocol and design Authorization with OAuth 2 OpenID Connect and User-Managed Access Implementation risks JOSE, introspection, revocation, and registration Protecting and accessing REST APIs About the Reader Readers need basic programming skills and knowledge of HTTP and JSON. About the Authors Justin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source.

Contents:

What is OAuth 2.0 and why should you care?

The OAuth dance

Building a simple OAuth client

Building a simple OAuth protected resource

Building a simple OAuth authorization server

OAuth 2.0 in the real world

Common client vulnerabilities

Common protected resources vulnerabilities

Common authorization server vulnerabilities

Common OAuth token vulnerabilities

OAuth tokens

Dynamic client registration

User authentication with OAuth 2.0

Protocols and profiles using OAuth 2.0

Beyond bearer tokens

Summary and conclusions.

Notes:

Includes index.

Description based on print version record.

Includes bibliographical references and index.

ISBN:

9781638352280

1638352283

9781617293276

161729327X

OCLC:

985707693