1 Authentication and authorization
(1). What is user identity authentication:
user identity authentication means that the system requires the user to verify the user's identity information when accessing system resources, and the identity can continue to be accessed; common forms of user identity authentication are: account password login, fingerprint punching Etc .;
(2). What is user authorization: When a
user is authenticated to access the resources of the system, the system will determine whether the user has the authority to access the resources, only allowing access to authorized resources, and resources without authorization will not Access, this is the user authorization;
The specific requirements and processes of user authentication and authorization:
So what is the Oauth2 protocol: The
third-party authentication technology solution is mainly to solve the general standard problem of the authentication protocol, because to achieve cross-system authentication, each system must follow a certain interface protocol; OAUTH protocol provides a user resource authorization A safe, open, and simple standard, the industry provides multiple implementation language development packages for oauth, saving development time. Because oauth is simple, many large companies provide this certification service, which shows that oauth has gradually become a standard for development authorization.
So what are the modes of this Oauth2 protocol?
Authorization Code (Imorization Code)
Implicit authorization mode (Implicit)
Password mode (Resource Owner PasswordCredentials)
Client mode (Client Credentials) The
specific process is shown in the figure
