finelybook
OAuth 2.0 Cookbook: Protect your web applications using Spring Security
by Adolfo Eloy Nascimento
pages 页数: 420 pages
Publisher Finelybook 出版社: Packt Publishing (18 Oct. 2017)
Language 语言: English
ISBN-10 书号: 178829596X
ISBN-13 书号: 9781788295963
Book Description
Key Features
Enhance your application's security no matter the platform with OAuth 2.0
Leverage OAuth 2.0 to protect your APIs and to access and secure your application's data
A recipe-based guide that will teach you to build an OAuth 2.0 environment for your mobile,desktop,and cloud applications.
Book Description
OAuth 2.0 is a standard protocol for authorization and it focuses on client developer simplicity while providing specific authorization flows for web applications,desktop applications,mobile phones,and so on. Given the documentation available for OAuth specification,you may think that it is complex however this book promises to explain the overall capabilities of OAuth 2.0 in simple terms. It focuses on providing specific authorization flows for various applications through interesting recipes. It also provides useful recipes for solving real life problems using Spring Security OAuth2.
The book starts by laying a strong foundation for setting up your environment by showing you how the code samples work. You will be able to implement your own OAuth 2.0 provider with Spring Security for creating authorization server and resource Server as a single application as well as separated applications. Next,the book will cover practical scenarios regarding some important OAuth 2.0 profiles and how to use each of them. You will then be introduced to the usage of JWT as a token type and mastering the art of effectively using them on distinct situations. Next,the book explains why OAuth 2.0 isn't an authentication protocol followed by step by step instructions on logging in to your application using your Yahoo and PayPal account. Finally,you will learn to prepare the Android development environment with Android Studio and also improve the safety of your mobile client. By the end of this book,you will be able to ensure that both the server and client are protected against common vulnerabilities.
What you will learn
Use Redis and Relational Database to store issued access tokens and refresh tokens
Access the resources protected by the OAuth2 Provider using Spring Security
Implement a web application that dynamically registers itself to the Authorization Server
Improve the safety of your mobile client using dynamic client registration
Prepare your Android development environment with Android Studio
Protect the Authorization Server from invalid redirection
Contents
Chapter 1. Oauth 2.0 Foundations
Chapter 2. Implementing Your Own Oauth 2.0 Provider
Chapter 3. Using Oauth 2.0 Protected Apis
Chapter 4. Oauth 2.0 Profiles
Chapter 5. Self Contained Tokens With Jwt
Chapter 6. Openid Connect For Authentication
Chapter 7. Implementing Mobile Clients
Chapter 8. Avoiding Common Vulnerabilities
