OAuth 2 in Action eBook – Mariahilff.de

SummaryOAuthin Action teaches you the practical use and deployment of this HTTP based protocol from the perspectives of a client, authorization server, and resource server You ll learn how to confidently and securely build and deploy OAuth on both the client and server sides Foreword by Ian Glazer Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications About the Technology Think of OAuthas the web version of a valet key It is an HTTP based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control And OAuth is used everywhere, from Facebook and Google, to startups and cloud services About the BookOAuthin Action teaches you practical use and deployment of OAuthfrom the perspectives of a client, an authorization server, and a resource server You ll begin with an overview of OAuth and its components and interactions Next, you ll get hands on and build an OAuth client, an authorization server, and a protected resource Then you ll dig into tokens, dynamic client registration, andadvanced topics By the end, you ll be able to confidently and securely build and deploy OAuth on both the client and server sides What s Inside Covers OAuthprotocol and designAuthorization with OAuth OpenID Connect and User Managed AccessImplementation risksJOSE, introspection, revocation, and registrationProtecting and accessing REST APIs About the Reader Readers need basic programming skills and knowledge of HTTP and JSON About the Author Justin Richer is a systems architect and software engineer Antonio Sanso is a security software engineer and a security researcher Both authors contribute to open standards and open source Table of Contents PartFirst stepsWhat is OAuthand why should you care The OAuth dance PartBuilding an OAuthenvironmentBuilding a simple OAuth client Building a simple OAuth protected resource Building a simple OAuth authorization server OAuthin the real world PartOAuthimplementation and vulnerabilitiesCommon client vulnerabilities Common protected resources vulnerabilities Common authorization server vulnerabilities Common OAuth token vulnerabilities PartTaking OAuth furtherOAuth tokens Dynamic client registration User authentication with OAuthProtocols and profiles using OAuthBeyond bearer tokens Summary and conclusions

8 thoughts on “OAuth 2 in Action