Presentation is loading. Please wait.

Presentation is loading. Please wait.

The How of OAuth OAuth Hackathon – Six Apart

Published byIsabella Fagan Modified over 10 years ago

Similar presentations

Presentation on theme: "The How of OAuth OAuth Hackathon – Six Apart"— Presentation transcript:

1 The How of OAuth OAuth Hackathon – 4/26 @ Six Apart http://icanhaz.com/oauth

2 The How of OAuth or: How I learned to stop worrying and fall in love with Factory Joe

3 OAuths Goal Website X can access your protected data at API Y – All without sharing your password off-site – especially when there isnt one like with OpenID

4 OAuth gives you: Signed HTTP Requests Safe, Password-less Token Exchange Signed HTTP Requests Safe, Password-less Token Exchange

5 The Three Actors User – My Buddy (not me) Service Provider – Chuck E. Cheese Consumer – 10 yr old kids

6 The Three Tokens Access Tokens – Chuck E. Cheese Tickets Request Tokens – Chuck E. Cheese Tokens Consumer Keys

7 The Three URLS Request Token Issuer Authorization Page Access Token Exchanger

8 Building a Consumer

9 Get a consumer key and secret

10 Simple enough, eh?

11 Get a Request Token

12 Authorize the Request Token

13 Exchange for an Access Token

14 Making Authenticated Calls

15 Building a Service Provider

16 Data to store Consumers: – key, secret, callback_url Request Token: – token, secret, consumer, authorizing_user Access Token: – token, secret, consumer, user

17 Registering Consumers

18 Issuing Request Tokens Verify using only the consumer credential

19 Issuing Request Tokens Issue the request token

20 Authorizing Request Tokens Ask the user to accept the authorization

21 Authorizing Request Tokens Connecting the logged in user go back to consumer

22 Exchange for an Access Token Validate using Request Token and Consumer

23 Exchange for an Access Token Issue the Access Token Destroy the Request Token

24 Protecting Resources Validate Access Token

25 OAuth Hackathon – 4/26 @ Six Apart http://icanhaz.com/oauth

26 Thanks!

Download ppt "The How of OAuth OAuth Hackathon – Six Apart"

Similar presentations

Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board

Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board
Your Guide to Family Connection Welcome, Ms. Scasso! Your counselor has created an account for you on Family Connection, a website to help you plan for.

Your Guide to Family Connection Welcome, Ms. Scasso! Your counselor has created an account for you on Family Connection, a website to help you plan for.
22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.

22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.
OAuth Phil Wilson, University of Bath, 2008. what the? OAuth provides a way to grant access to your data on some website to a third website, without.

OAuth Phil Wilson, University of Bath, what the? "OAuth provides a way to grant access to your data on some website to a third website, without.
Smartphone-based authorization system Advisor: Dr. Wenjun Zeng - Professor Presenter: Yilihamujiang, Ailiyasijiang Zhou, Guanlong Al-Sinani, H. S. (2011).

Smartphone-based authorization system Advisor: Dr. Wenjun Zeng - Professor Presenter: Yilihamujiang, Ailiyasijiang Zhou, Guanlong Al-Sinani, H. S. (2011).
CS5204 – Operating Systems 1 A Private Key System KERBEROS.

CS5204 – Operating Systems 1 A Private Key System KERBEROS.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
OAuth 2.0 By “PJ” (JP on meetup.com) iOS and PHP developer, and occasional lawyer Contact me via:

OAuth 2.0 By “PJ” (JP on meetup.com) iOS and PHP developer, and occasional lawyer Contact me via:
The Alfresco API Steven Glover Gethin James Peter Monks.

The Alfresco API Steven Glover Gethin James Peter Monks.
Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.

Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.
Introducing Windows Server 2012 R2 Work Folders:

Introducing Windows Server 2012 R2 Work Folders:
Will Darby 91.514 5 April 2010.  What is Federated Security  Security Assertion Markup Language (SAML) Overview  Example Implementations  Alternative.

Will Darby April  What is Federated Security  Security Assertion Markup Language (SAML) Overview  Example Implementations  Alternative.
Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.

Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.
By: Ansuya Chauhan.

By: Ansuya Chauhan.
Mark Phillip markphillip.com “Badges? We don't need no stinkin' badges!” A Look at Identity on the Web.

Mark Phillip markphillip.com “Badges? We don't need no stinkin' badges!” A Look at Identity on the Web.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Mashing Up with User-Centric Identity America Online LLC John Panzer, Praveen Alavilli.

Mashing Up with User-Centric Identity America Online LLC John Panzer, Praveen Alavilli.
Workflow OpenID Scenario Users get OpenID from provider Andy is given access to service, and then to workflow server. Andy installs workflow Workflow gets.

Workflow OpenID Scenario Users get OpenID from provider Andy is given access to service, and then to workflow server. Andy installs workflow Workflow gets.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
The Expressions for Internet & e-Commerce Complied by Terri Yueh.

The Expressions for Internet & e-Commerce Complied by Terri Yueh.

Similar presentations

Ads by Google