Everything OAuth

•

10 gefällt mir•3,588 views

A presentation given at Codebits 2010 about everything related to OAuth. I didn't go into any deep technical details as I tried to cover most OAuth related topics.

Technologie Weiterbildung und Persönlichkeitsentwicklung

Weitere ähnliche Inhalte

Andere mochten auch

Native Cross-Platform-Apps mit Titanium Mobile und AlloyMayflower GmbH

Test-Driven JavaScript Development IPCMayflower GmbH

Mongo DB - Segen oder FluchMayflower GmbH

Api Design & The Paris SubwayBruno Pedro

Activity Streams And ContextsBruno Pedro

Maintainable consumersBruno Pedro

Shoeism - Frau im GlückMayflower GmbH

Autenticação e Autorização (in portuguese)Bruno Pedro

Plugging holes — javascript memory leak debuggingMayflower GmbH

Who's using your API?Bruno Pedro

Salt and pepper — native code in the browser Browser using Google native ClientMayflower GmbH

APIs Love to ChatBruno Pedro

How to Automate API DiscoveryBruno Pedro

The importance of /meBruno Pedro

Is OAuth Really Secure?Bruno Pedro

Information Retrieval ChallengesBruno Pedro

API Code GenerationBruno Pedro

Why and what is goMayflower GmbH

Piwik anpassen und skalierenMayflower GmbH

Asynchronous Microservices in nodejsBruno Pedro

Andere mochten auch (20)

Native Cross-Platform-Apps mit Titanium Mobile und Alloy

Test-Driven JavaScript Development IPC

Mongo DB - Segen oder Fluch

Api Design & The Paris Subway

Activity Streams And Contexts

Maintainable consumers

Shoeism - Frau im Glück

Autenticação e Autorização (in portuguese)

Plugging holes — javascript memory leak debugging

Who's using your API?

Salt and pepper — native code in the browser Browser using Google native Client

APIs Love to Chat

How to Automate API Discovery

The importance of /me

Is OAuth Really Secure?

Information Retrieval Challenges

API Code Generation

Why and what is go

Piwik anpassen und skalieren

Asynchronous Microservices in nodejs

Mehr von Bruno Pedro

What are Web APIsBruno Pedro

Growing your business with an APIBruno Pedro

Product growth with an APIBruno Pedro

How to grow your business with an APIBruno Pedro

How to Automate API TestingBruno Pedro

OAuth checklistBruno Pedro

OOP (in portuguese)Bruno Pedro

Segurança (in portuguese)Bruno Pedro

Cache e Performance (in portuguese)Bruno Pedro

Web Services (in portuguese)Bruno Pedro

Sessões (in portuguese)Bruno Pedro

User Interface (in portuguese)Bruno Pedro

Takeoff2008Bruno Pedro

Mehr von Bruno Pedro (13)

What are Web APIs

Growing your business with an API

Product growth with an API

How to grow your business with an API

How to Automate API Testing

OAuth checklist

OOP (in portuguese)

Segurança (in portuguese)

Cache e Performance (in portuguese)

Web Services (in portuguese)

Sessões (in portuguese)

User Interface (in portuguese)

Takeoff2008

Kürzlich hochgeladen

Salesforce Community Group Quito, Salesforce 101Paola De la Torre

Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix

The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal

A Domino Admins Adventures (Engage 2024)Gabriella Davis

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia

Scaling API-first – The story of a global engineering organizationRadu Cotescu

Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada

Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik

Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC

How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes

GenCyber Cyber Security Day PresentationMichael W. Hawkins

Presentation on how to chat with PDF using ChatGPT code interpreternaman860154

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700

04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG

Google AI Hackathon: LLM based Evaluator for RAGSujit Pal

Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited

Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK

Kürzlich hochgeladen (20)

Salesforce Community Group Quito, Salesforce 101

Swan(sea) Song – personal research during my six years at Swansea ... and bey...

The Codex of Business Writing Software for Real-World Solutions 2.pptx

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service

A Domino Admins Adventures (Engage 2024)

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Scaling API-first – The story of a global engineering organization

Maximizing Board Effectiveness 2024 Webinar.pptx

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024

Injustice - Developers Among Us (SciFiDevCon 2024)

Breaking the Kubernetes Kill Chain: Host Path Mount

How to Troubleshoot Apps for the Modern Connected Worker

GenCyber Cyber Security Day Presentation

Presentation on how to chat with PDF using ChatGPT code interpreter

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Google AI Hackathon: LLM based Evaluator for RAG

Data Cloud, More than a CDP by Matt Robison

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365

Unblocking The Main Thread Solving ANRs and Frozen Frames

Hinweis der Redaktion

Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Blaine Cook from twitter, Chris Messina, David Recordon,Larry Halff from magnolia and others
RFC only published in April 2010
Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Example from twitter connections settings
Example from facebook where you can revoke apps and also individual permissions
Example from facebook where you can revoke apps and also individual permissions
Let&#x2019;s see an example (next slide)
OOB = Out of Band aka PIN OAuth
Consumer sends along info about service provider and asks to verify credentials
OAuthpocalypse happened on August 31st 2010
Prevents man-in-the-middle attack
SAML: Security Assertion Markup Language