[OAuth2 Learning Road] Introduction

What is OAuth?

    OAuth, short for Open Authorization, is an open standard that lets users allow third-party applications to access private resources (such as photos, videos, contact lists) that the user stores on a website, without the user's name and password being provided to those third-party applications.

    OAuth allows users to provide a token instead of a username and password to access their data stored with a specific service provider. Each token authorizes a specific website (e.g., a video editing website) to access a specific resource (e.g., just a video in a certain album) for a specified period of time (e.g., within the next 2 hours). In this way, OAuth allows users to authorize third-party websites to access some specific information, but not all content, that they store with another service provider.
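
    The token described above can be sketched as a resource-server check. This is an added example, not code from the original article or from any OAuth library; the store layout, function names, client name and resource path are all assumptions made for illustration.

```python
import hashlib
import secrets
import time

# Constructed in-memory grant store, keyed by SHA-256 of the token so that
# a dump of the store does not reveal any usable token value.
TOKENS = {}


def issue_token(client_id, resource, ttl_seconds, now=None):
    """Issue an opaque token bound to one client, one resource and a lifetime."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # unguessable random value
    digest = hashlib.sha256(token.encode()).hexdigest()
    TOKENS[digest] = {
        "client_id": client_id,
        "resource": resource,
        "expires_at": now + ttl_seconds,
    }
    return token


def authorize(token, client_id, resource, now=None):
    """Return (allowed, reason) for a request that presents `token`."""
    now = time.time() if now is None else now
    grant = TOKENS.get(hashlib.sha256(token.encode()).hexdigest())
    if grant is None:
        return False, "unknown_token"
    if now >= grant["expires_at"]:
        return False, "expired"        # the "next 2 hours" have passed
    if client_id != grant["client_id"]:
        return False, "wrong_client"   # token was issued to another website
    if resource != grant["resource"]:
        return False, "out_of_scope"   # only the one video was authorized
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample: a video editor gets 2 hours on one video.
    t = issue_token("video-editor.example", "albums/holiday/video-1", 2 * 3600)
    print(authorize(t, "video-editor.example", "albums/holiday/video-1"))
    print(authorize(t, "video-editor.example", "albums/holiday/video-2"))
```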

    OAuth is complementary to OpenID, but it is a completely different service.

    To better understand what OAuth is, consider the practical example below:

If you're driving to a hotel for dinner, you'll often lose a lot of time because you can't find a parking space. Is there a good way to avoid this problem? Yes, I heard that some owners of luxury cars are not worried about this problem. Luxury cars are generally equipped with two types of keys: a master key and a parking key. When you arrive at the hotel, you only need to hand over the parking key to the waiter, and the waiter will handle the parking. Compared to the master key, the function of this parking key is limited: it can only start the engine and drive the car for a limited distance, it can lock the car, but it cannot open the trunk or use other equipment in the car. Here is a simple "open authorization" idea: through a parking key, the owner can authorize some functions of the car (such as starting the engine, driving a limited distance) to the waiter.

 

    (The above is taken from the Internet)

    This is authorization. After reading the above, you should have a preliminary understanding of what OAuth is, but on their own these ideas are of little use when developing an application. If you want to know more about this open standard, you can go to the official website or read RFC 6749, both of which are pure theory.

What is OAuth for?

    Once you know what OAuth is, what it does is obvious: it opens up one's own resources to others by granting them permission to use those resources.

Why is there OAuth?

    Why OAuth? Because it does something that only it can do, so it was born.

OAuth1 and OAuth2

    In short, OAuth2 is the version that follows OAuth1, but OAuth2 is simpler, and this article is all about OAuth2. See Wikipedia.

Java Implementation of OAuth2

    There are implementations of OAuth2 on various platforms. Here I only look at the Java implementations, which come in the following versions:

http://my.oschina.net/jast90/blog/311851
