OAuth 2.0 Vulnerability - Business Security Test Practice (33)

OAuth 2.0 authentication principle
OAuth allows a user to grant a third-party application access to private resources (such as photos, videos, or contact lists) stored on a website without giving the application the user's username and password.

The OAuth 2.0 authentication process is shown in the figure. The principle is simple: the user accesses the App, and the App asks the Authorization Server for permission. Once the Authorization Server has obtained the user's consent, it returns a Token, and the App uses this Token to request data from the Authorization Server. The App can only obtain data through the Authorization Server and cannot access the Resource Server directly. Facebook's OAuth 2.0 login flow serves as the example below.

Step 1: The URL the App requests from the OAuth Server carries the App's id, key, and request type; the server answers with a string of access tokens and an event type code.
https://facebook.com/dialog/oauth?response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=REDIRECT_URI&scope=en

Step 2: Callback. The user is taken to the permission confirmation page, which waits for the user to confirm the authorization.
https://facebook.com/dialog/oauth?response_type=code&client_id=28653682475872&redirect_uri=example.com&scope=email
This page calls back to the specified callback page through redirect_uri.


Step 3: Use the returned access_token to set the App's id and key to
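The three steps above, as an added example that is not code from the original post or from Facebook: the App builds the Step 1 authorization URL with the parameters shown (plus a random state value), the Authorization Server checks the requested redirect_uri against the exact set of URIs the client registered before sending the Step 2 callback, and the App verifies the state when the callback arrives before it trusts the returned code. The endpoint, client id and registered callback URI are constructed placeholders, not values from the post.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed values for this example (assumptions, not taken from the post).
AUTHORIZE_ENDPOINT = "https://facebook.com/dialog/oauth"
CLIENT_ID = "YOUR_CLIENT_ID"
# Redirect URIs this client registered with the authorization server.
REGISTERED_REDIRECT_URIS = {"https://example.com/oauth/callback"}


def new_state():
    """Fresh, unguessable state value bound to the user's session."""
    return secrets.token_urlsafe(32)


def build_authorization_url(redirect_uri, scope, state):
    """Step 1: the App sends the user to the authorization server.

    response_type, client_id, redirect_uri and scope are the parameters
    from the post; state is added so the callback can be tied back to the
    request that started it.
    """
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,
    }
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


def redirect_uri_is_allowed(requested, registered=REGISTERED_REDIRECT_URIS):
    """Authorization-server side check before the Step 2 callback is sent.

    The requested redirect_uri must match a registered URI as an exact
    string; prefix or substring comparisons would let unregistered hosts
    or paths receive the code.
    """
    return requested in registered


def parse_callback(callback_url, expected_state):
    """Step 2 callback handling on the App side.

    Returns the authorization code only if the callback carries both a
    code and a state, and the state equals the one issued in Step 1.
    Returns None otherwise, so the caller never exchanges an unbound code.
    """
    query = parse_qs(urlsplit(callback_url).query)
    state = query.get("state", [None])[0]
    code = query.get("code", [None])[0]
    if state is None or code is None:
        return None
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        return None
    return code


if __name__ == "__main__":
    state = new_state()
    url = build_authorization_url("https://example.com/oauth/callback", "email", state)
    print("Step 1 URL:", url)
    # Constructed callback, as the authorization server would redirect to it.
    callback = f"https://example.com/oauth/callback?code=AUTHCODE123&state={state}"
    print("Step 2 code:", parse_callback(callback, state))
```

The state check uses a constant-time comparison and the callback parser refuses any response that lacks either parameter, so the App only proceeds to Step 3 with a code it asked for.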


Origin blog.csdn.net/luozhonghua2014/article/details/131573191