Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
OAuth 2.0 Cookbook

You're reading from   OAuth 2.0 Cookbook Protect your web applications using Spring Security

Arrow left icon
Product type Paperback
Published in Oct 2017
Publisher Packt
ISBN-13 9781788295963
Length 420 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Adolfo Eloy Nascimento Adolfo Eloy Nascimento
Author Profile Icon Adolfo Eloy Nascimento
Adolfo Eloy Nascimento
Arrow right icon
View More author details
Toc

Table of Contents (9) Chapters Close

Preface 1. OAuth 2.0 Foundations FREE CHAPTER 2. Implementing Your Own OAuth 2.0 Provider 3. Using OAuth 2.0 Protected APIs 4. OAuth 2.0 Profiles 5. Self Contained Tokens with JWT 6. OpenID Connect for Authentication 7. Implementing Mobile Clients 8. Avoiding Common Vulnerabilities

What this book covers

Chapter 1, OAuth 2.0 Foundations, contains recipes that will cover the basics of OAuth 2.0 through simple recipes that allow the reader to interact with public OAuth 2.0-protected APIs such as Facebook, LinkedIn, and Google.

Chapter 2, Implement Your Own OAuth 2.0 Provider, describes the way you can implement your own OAuth 2.0 Provider, presenting recipes that help with Authorization Server and Resource Server configurations considering different OAuth 2.0 grant types. It also presents how to effectively work with refresh tokens, using different databases to store access tokens.

Chapter 3, Using OAuth 2.0 Protected APIs, presents recipes that helps to create OAuth 2.0 client applications that are able to interact with all grant types described in the OAuth 2.0 specification. It also presents how to manage refresh tokens on the client side.

Chapter 4, OAuth 2.0 Profiles, explains some OAuth 2.0 profiles and how to implement them using Spring Security OAuth2. These profiles are specified to help with specific scenarios that aren't covered by OAuth 2.0 specifications, such as token revocation and token introspection to allow remote validation. This recipe also provides some recommendations, such as how and when to use cache when using remote validation.

Chapter 5, Self Contained Tokens with JWT, focuses on the usage of JWT as OAuth 2.0 access tokens and how to implement the main extensions for JWT, such as JWS and JWE, providing signature and encryption to protect the content conveyed by a JWT access token. This chapter also presents a nice approach to increase the security of your application by using proof-of-possession semantics on OAuth 2.0.

Chapter 6, OpenID Connect for Authentication, explains the difference between authorization and authentication, and how OAuth 2.0 can help to build an authentication protocol. To illustrate the usage of OpenID Connect, all the recipes presented in this chapter are aimed at client applications instead of building an OpenID Connect Provider.

Chapter 7, Implementing Mobile Clients, covers how to implement OAuth 2.0 native mobile clients using Android as the platform chosen for the recipes. This chapter presents some guidelines specified by the recently published specification named OAuth 2.0 for native apps.

Chapter 8 , Avoiding Common Vulnerabilities, covers ways to better protect the main components considered within an OAuth 2.0 ecosystem.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image