OAuth 2.0 Guide: Secure Web API Authorization and Authentication by Ryan Boyd 2012 Paperback

$ 16.33

LC Classification Number: QA76.9.A25
Item Length: 9.2 in
Publisher: O'Reilly Media, Incorporated
Brand: O'Reilly Media, Incorporated
GTIN-13: 9781449311605
Item Weight: 5.7 Oz
ISBN-10: 1449311601
Number of Pages: 80 Pages
Format: Trade Paperback
Item Width: 7.4 in
Intended Audience: Scholarly & Professional
Item Height: 0.2 in
Illustrated: Yes
Author: Ryan Boyd
ISBN-13: 9781449311605
Subject: Software Development & Engineering / General, Security / Online Safety & Privacy, Programming / Open Source, Security / Networking
Type: Textbook
Publication Name: Getting Started with OAuth 2.0: Programming Clients for Secure Web API Authorization and Authentication
Language: English
Subject Area: Computers
Publication Year: 2012

Synopsis:

This book is an introduction to OAuth 2.0, an authentication and authorization protocol for the web. If you're a web application developer or mobile app developer, this book will show you the power of using OAuth to determine the identity of your users and get delegated access to their data to improve the user experience of your app. Use cases and code examples covering many popular APIs and identity providers are included.

Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users' data--such as user profiles, photos, videos, and contact lists--to improve their experience of your application. Through code examples, step-by-step instructions, and use-case examples, you'll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user's online filesystem, and perform many other tasks.

- Understand OAuth 2.0's role in authentication and authorization
- Learn how OAuth's Authorization Code flow helps you integrate data from different business applications
- Discover why native mobile apps use OAuth differently than mobile web apps
- Use OpenID Connect and eliminate the need to build your own authentication system

Table of Contents:

Preface; Conventions Used in This Book; Using Code Examples; Safari® Books Online; How to Contact Us; Acknowledgments
Chapter 1: Introduction; 1.1 How OAuth Was Born; 1.2 Why Developers Should Care About OAuth; 1.3 Why Don't These APIs Just Use Passwords for Authorization?; 1.4 Terminology; 1.5 The Great Debate over Signatures; 1.6 Developer and Application Registration; 1.7 Client Profiles, Access Tokens, and Authorization Flows
Chapter 2: Server-Side Web Application Flow; 2.1 When Should the Authorization Code Flow Be Used?; 2.2 Security Properties; 2.3 User Experience; 2.4 Step-by-Step; 2.5 How Can Access Be Revoked?
Chapter 3: Client-Side Web Applications Flow; 3.1 When Should the Implicit Grant Flow Be Used?; 3.2 Limitations of the Implicit Grant Flow; 3.3 Security Properties; 3.4 User Experience; 3.5 Step-by-Step; 3.6 How Can Access Be Revoked?
Chapter 4: Resource Owner Password Flow; 4.1 When Should the Resource Owner Password Flow Be Used?; 4.2 Security Properties; 4.3 User Experience; 4.4 Step-by-Step
Chapter 5: Client Credentials Flow; 5.1 When Should the Client Credentials Flow Be Used?; 5.2 What APIs Support the Client Credentials Flow?; 5.3 How Does the Client Authenticate?; 5.4 Security Properties; 5.5 Step-by-Step; 5.6 When the Access Token Expires
Chapter 6: Getting Access to User Data from Mobile Apps; 6.1 Why You Should Use OAuth for Native Mobile Apps; 6.2 What Flow Should Be Used for Native Mobile Apps?; 6.3 The (Ugly) Web Browser; 6.4 Enhanced Mobile App Authorization for Specific Providers
Chapter 7: OpenID Connect Authentication; 7.1 ID Token; 7.2 Security Properties; 7.3 Obtaining User Authorization; 7.4 Check ID Endpoint; 7.5 UserInfo Endpoint; 7.6 Performance Improvements; 7.7 Practical OpenID Connect; 7.8 OpenID Connect Evolution
Chapter 8: Tools and Libraries; 8.1 Google's OAuth 2.0 Playground; 8.2 Google's TokenInfo Endpoint; 8.3 Apigee's Console; 8.4 Facebook's Access Token Tool and Access Token Debugger; 8.5 Libraries; 8.6 Going Further
References; Specifications; Vendor Documentation; Mailing Lists; Misc

Description

  1. This book is a fantastic guide for anyone diving into OAuth 2.0! Clear, practical, and well-structured, it breaks down complex concepts into easy-to-follow steps. Ryan Boyd does an excellent job explaining how to implement secure authentication for web APIs, making it perfect for beginners and intermediate developers. The real-world examples help solidify understanding, and the writing keeps things engaging. A must-have for anyone working with modern web security!

    user10491818