1. Home
  2. eBooks
  3. Non-Fiction
  4. Computing & information technology
  5. Computer security
OAuth 2 in Action

OAuth 2 in Action

by Justin Richer and Antonio Sanso
Epub (Kobo), Epub (Adobe)
Publication Date: 06/03/2017
Be the first to write a review

Share This eBook:

  $55.99
Add to List

This item is delivered digitally

"Provides pragmatic guidance on what to do ... and what not to do." - From the Foreword by Ian Glazer, Salesforce


OAuth 2 in Action teaches you the practical use and deployment of this HTTP-based protocol from the perspectives of a client, authorization server, and resource server. You'll learn how to confidently and securely build and deploy OAuth on both the client and server sides. Foreword by Ian Glazer.


Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.


About the Technology


Think of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services.


About the Book


OAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You'll begin with an overview of OAuth and its components and interactions. Next, you'll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you'll dig into tokens, dynamic client registration, and more advanced topics. By the end, you'll be able to confidently and securely build and deploy OAuth on both the client and server sides.


What's Inside



  • Covers OAuth 2 protocol and design

  • Authorization with OAuth 2

  • OpenID Connect and User-Managed Access

  • Implementation risks

  • JOSE, introspection, revocation, and registration

  • Protecting and accessing REST APIs


About the Reader


Readers need basic programming skills and knowledge of HTTP and JSON.


About the Author


Justin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source.


Table of Contents



  1. What is OAuth 2.0 and why should you care?

  2. The OAuth dance

  3. Building a simple OAuth client

  4. Building a simple OAuth protected resource

  5. Building a simple OAuth authorization server

  6. OAuth 2.0 in the real world

  7. Common client vulnerabilities

  8. Common protected resources vulnerabilities

  9. Common authorization server vulnerabilities

  10. Common OAuth token vulnerabilities

  11. OAuth tokens

  12. Dynamic client registration

  13. User authentication with OAuth 2.0

  14. Protocols and profiles using OAuth 2.0

  15. Beyond bearer tokens

  16. Summary and conclusions


Part 1 - First steps


Part 2 - Building an OAuth 2 environment


Part 3 - OAuth 2 implementation and vulnerabilities


Part 4 - Taking OAuth further

ISBN:
9781638352280
9781638352280
Category:
Computer security
Format:
Epub (Kobo), Epub (Adobe)
Publication Date:
06-03-2017
Language:
English
Publisher:
Manning

This item is delivered digitally

You can find this item in:

Web programming Internet browsers Network security Computer programming / software development Programming & scripting languages: general Coding theory & cryptology Internet: general works Computer security Web services
Show more Show less

Reviews

Be the first to review OAuth 2 in Action.