Using OAuth 2.0 to discuss the authorization logic behind Internet development, openness, and cooperation between platforms

Understanding OAuth 2.0
* A simple explanation of OAuth 2.0

The four grant types of OAuth 2.0

    Interpretation of the industry-standard open protocol

          1. The AUTHORIZATION_CODE and the openUid are returned through the web (the browser), and the tenant's private id is never exposed. (In fact you can go a step further and borrow from payment flows: the server encrypts the information and passes it to account B, website B needs the public key, and the private key is kept in storage. The security of the authorization code then becomes equivalent to that of the access_token, and it is bound to a specific tenant id.)

          2. The authorization code can be associated with specific interfaces and data. This is the step where the user chooses which data he wants to authorize.

          3. Because the authorization code by itself is not that secure, the access_token must be obtained through a second request made from the server.

WeChat Open Platform development: web-page WeChat QR-code login (OAuth 2.0)

    Interpretation of WeChat's OAuth best practice:

       WeChat's OAuth goes a bit beyond the industry OAuth protocol: when you obtain the AUTHORIZATION_CODE you must set the scope, so that the user knows clearly which data is being authorized. DingTalk's current authorization to an ISV is general and one-time; restrictions are applied afterwards through offline manual approval of the interfaces.

* Another, more convenient authorization mode is the authorization login of the WeChat Mini Program

The author's interpretation:

   1. Authorization is everywhere. In the industry OAuth flow, the authorization code actually opens up global data, and the access_token is only a temporary grant to data within a certain scope. In WeChat's practice, however, the scope is already restricted at the stage where the authorization code is obtained.
   2. The essence of openness is to solve the problem of building a configurable authorization platform for developers.
   3. How is cooperation between platforms opened up?

       One way is for platform A to wrap all of platform B's interfaces. This is a lot of work, since every interface has to be wrapped, and it cannot be generalized because the other side's device uid is not standardized: platform A has no way to pass a verified devUid to platform B. The result is that one user can manipulate the data of two users, with both copies of the data stored on platform A and platform B.

        The other way is the authorization mode: one user's data is authorized to isv1, and isv1 calls the platform directly.
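The two-step flow described under the industry protocol (code plus openUid through the browser, then a server-side exchange for an access_token) and the WeChat point that scope is fixed when the code is issued can be exercised end to end in a small simulation. The block below is an added example written for this page; it is not code from the post, from WeChat or from DingTalk. The client registration (isv1, its secret and redirect URI), the pseudonymisation key and the lifetimes are constructed values, and deriving the openUid as a per-client HMAC of the tenant's private id is one assumed way of realising "no tenant private id is returned", not the platforms' actual method.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

# Constructed registration of one third-party client (the post's "isv1") and
# server-side settings; every value here is an assumption for the demo.
CLIENT_ID = "isv1"
CLIENT_SECRET = "isv1-secret-constructed"
REDIRECT_URI = "https://isv1.example/callback"
CODE_TTL_SECONDS = 60          # codes are short-lived and single-use
TOKEN_TTL_SECONDS = 7200       # access_token lifetime
PSEUDONYM_KEY = b"constructed-server-side-key"


@dataclass
class AuthCode:
    client_id: str
    open_uid: str          # public, per-client user id handed back with the code
    scope: frozenset       # what the user actually approved at the consent step
    issued_at: float
    used: bool = False


class AuthorizationServer:
    """Toy authorization + resource server for the two-step authorization-code flow."""

    def __init__(self, clients):
        self.clients = clients     # client_id -> (client_secret, redirect_uri)
        self.codes = {}            # code -> AuthCode
        self.tokens = {}           # access_token -> (open_uid, scope, expires_at)

    def open_uid_for(self, client_id, private_uid):
        # Per-client pseudonym so the tenant's private id never reaches the client.
        msg = f"{client_id}:{private_uid}".encode()
        return hmac.new(PSEUDONYM_KEY, msg, hashlib.sha256).hexdigest()[:16]

    def authorize(self, client_id, redirect_uri, requested, private_uid, approved, now=None):
        """Front channel (browser): the scope is fixed here, when the code is issued."""
        now = time.time() if now is None else now
        if client_id not in self.clients or self.clients[client_id][1] != redirect_uri:
            raise PermissionError("unknown client or redirect_uri mismatch")
        granted = frozenset(approved) & frozenset(requested)
        if not granted:
            raise PermissionError("user approved nothing")
        code = secrets.token_urlsafe(24)
        open_uid = self.open_uid_for(client_id, private_uid)
        self.codes[code] = AuthCode(client_id, open_uid, granted, now)
        return code, open_uid

    def exchange(self, client_id, client_secret, code, now=None):
        """Back channel (server to server): client secret + code -> access_token."""
        now = time.time() if now is None else now
        secret, _ = self.clients.get(client_id, (None, None))
        if secret is None or not hmac.compare_digest(secret, client_secret):
            raise PermissionError("client authentication failed")
        rec = self.codes.get(code)
        if rec is None or rec.client_id != client_id:
            raise PermissionError("code unknown or issued to another client")
        if rec.used or now - rec.issued_at > CODE_TTL_SECONDS:
            raise PermissionError("code expired or already used")
        rec.used = True            # single use: a leaked code cannot be replayed
        token = secrets.token_urlsafe(32)
        self.tokens[token] = (rec.open_uid, rec.scope, now + TOKEN_TTL_SECONDS)
        return token

    def resource(self, token, scope_needed, now=None):
        """Resource access: the token must be live and carry the scope being used."""
        now = time.time() if now is None else now
        open_uid, scope, expires_at = self.tokens.get(token, (None, frozenset(), 0.0))
        if open_uid is None or now > expires_at:
            raise PermissionError("token invalid or expired")
        if scope_needed not in scope:
            raise PermissionError(f"scope {scope_needed!r} was not granted")
        return {"open_uid": open_uid, "scope": scope_needed}


def rejected(fn, *args, **kwargs):
    # True if the call was refused with PermissionError.
    try:
        fn(*args, **kwargs)
    except PermissionError:
        return True
    return False


def demo():
    srv = AuthorizationServer({CLIENT_ID: (CLIENT_SECRET, REDIRECT_URI)})
    private_uid = "tenant-private-uid-42"            # constructed tenant-internal id
    # The client asks for profile+contacts; the user approves only profile.
    code, open_uid = srv.authorize(CLIENT_ID, REDIRECT_URI, ["profile", "contacts"],
                                   private_uid, ["profile"], now=1000.0)
    wrong_secret = rejected(srv.exchange, CLIENT_ID, "guess", code, now=1001.0)
    token = srv.exchange(CLIENT_ID, CLIENT_SECRET, code, now=1001.0)
    replay = rejected(srv.exchange, CLIENT_ID, CLIENT_SECRET, code, now=1002.0)
    stale, _ = srv.authorize(CLIENT_ID, REDIRECT_URI, ["profile"], private_uid, ["profile"], now=1000.0)
    expired = rejected(srv.exchange, CLIENT_ID, CLIENT_SECRET, stale, now=1000.0 + CODE_TTL_SECONDS + 1)
    return {
        "open_uid_hides_private_id": private_uid not in open_uid,
        "wrong_secret_rejected": wrong_secret,
        "replay_rejected": replay,
        "expired_code_rejected": expired,
        "profile_allowed": srv.resource(token, "profile", now=1003.0)["open_uid"] == open_uid,
        "contacts_denied": rejected(srv.resource, token, "contacts", now=1003.0),
    }
```

Running `demo()` returns a dict in which every check is True: the code that travelled through the browser opens nothing on its own (the client secret is required, the code is bound to the client that requested it, and it is single-use and short-lived), and the resulting access_token is limited to the scope the user approved at the consent step rather than to everything the client asked for.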


Source: blog.csdn.net/fei33423/article/details/107836766