Lecture

Contributors: Conner Swenberg

OAuth 2.0

You have most likely interacted with OAuth already via "Login with Facebook" or "Login with Google". Either option lets you authenticate yourself without creating a separate username and password for a particular service; the service simply piggybacks off of another service's authentication.

| Stakeholder | Benefit |
| --- | --- |
| Service / application | Streamlines user registration / login |
| Users ("resource owners") | Minimizes number of accounts |
| API "resource server" (Facebook/Google) | Gains valuable data on your use of other services |

Registration

A service that intends to use OAuth needs to register itself with the resource server. In return, it receives its own client ID and client secret.

Redirect URI

Our service also needs to declare a redirect URI to the resource server. This tells the resource server where to send users back to after they log in with its authentication system.

Code Generation

  1. The service pulls up a custom resource server login page unique to its client ID and redirect URI.
  2. The client is returned a new code upon successful login.
  3. The client uses this code to fetch a session token from the resource server.
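
The registration, redirect URI and code steps above can be traced from the resource server's side. The following is an added example, not code from the course or from any real provider: `ToyResourceServer`, its method names and the `service.example` URI are hypothetical, and everything lives in memory. It shows the checks that make the code safe to hand back through the browser: the redirect URI must match the registered one exactly, the code is bound to the client that requested it, and it can be exchanged only once and only with the client secret.

```python
import hmac
import secrets


class ToyResourceServer:
    """In-memory stand-in for the resource server (hypothetical, not a provider API)."""

    def __init__(self):
        self.clients = {}  # client_id -> (client_secret, registered redirect URI)
        self.codes = {}    # code -> (client_id, redirect_uri, user)

    def register(self, redirect_uri):
        # Registration: the service gets a client ID and client secret and
        # declares its redirect URI up front.
        client_id, client_secret = secrets.token_hex(8), secrets.token_urlsafe(32)
        self.clients[client_id] = (client_secret, redirect_uri)
        return client_id, client_secret

    def login(self, client_id, redirect_uri, user):
        # Steps 1-2: the login page is tied to client ID + redirect URI. Only an
        # exact match with the registered URI gets the user (and code) sent back.
        registered = self.clients.get(client_id)
        if registered is None or registered[1] != redirect_uri:
            raise PermissionError("unknown client or unregistered redirect URI")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, redirect_uri, user)
        return f"{redirect_uri}?code={code}"

    def exchange(self, client_id, client_secret, redirect_uri, code):
        # Step 3: the service proves its identity with the client secret
        # (constant-time comparison) and trades the code for a token.
        registered = self.clients.get(client_id)
        if registered is None or not hmac.compare_digest(registered[0], client_secret):
            raise PermissionError("bad client credentials")
        issued = self.codes.pop(code, None)  # pop() makes the code single-use
        if issued is None or issued[:2] != (client_id, redirect_uri):
            raise PermissionError("invalid, reused, or mismatched code")
        return {"token": secrets.token_urlsafe(32), "user": issued[2]}


if __name__ == "__main__":
    server = ToyResourceServer()
    uri = "https://service.example/callback"  # constructed sample value
    client_id, client_secret = server.register(uri)
    callback_url = server.login(client_id, uri, "alice")
    code = callback_url.split("code=", 1)[1]
    print(server.exchange(client_id, client_secret, uri, code)["user"])
```
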

BELOW IS UNDER DEVELOPMENT

OAuth 1.0

Roles

Credentials

Flow

Signature

OAuth 2.0

Roles

Flow

Grant Types

Authorization Code

Implicit

Resource Owner Password

Client Credential

Client Authentication Models

Scope and Access Control

OpenID Connect

Claims


Last updated 1 year ago
