Presentation is loading. Please wait.

Presentation is loading. Please wait.

The How of OAuth OAuth Hackathon – Six Apart

Similar presentations


Presentation on theme: "The How of OAuth OAuth Hackathon – Six Apart"— Presentation transcript:

1 The How of OAuth OAuth Hackathon – Six Apart

2 The How of OAuth or: How I learned to stop worrying and fall in love with Factory Joe

3 OAuths Goal Website X can access your protected data at API Y – All without sharing your password off-site – especially when there isnt one like with OpenID

4 OAuth gives you: Signed HTTP Requests Safe, Password-less Token Exchange Signed HTTP Requests Safe, Password-less Token Exchange

5 The Three Actors User – My Buddy (not me) Service Provider – Chuck E. Cheese Consumer – 10 yr old kids

6 The Three Tokens Access Tokens – Chuck E. Cheese Tickets Request Tokens – Chuck E. Cheese Tokens Consumer Keys

7 The Three URLS Request Token Issuer Authorization Page Access Token Exchanger

8 Building a Consumer

9 Get a consumer key and secret

10 Simple enough, eh?

11 Get a Request Token

12 Authorize the Request Token

13 Exchange for an Access Token

14 Making Authenticated Calls

15 Building a Service Provider

16 Data to store Consumers: – key, secret, callback_url Request Token: – token, secret, consumer, authorizing_user Access Token: – token, secret, consumer, user

17 Registering Consumers

18 Issuing Request Tokens Verify using only the consumer credential

19 Issuing Request Tokens Issue the request token

20 Authorizing Request Tokens Ask the user to accept the authorization

21 Authorizing Request Tokens Connecting the logged in user go back to consumer

22 Exchange for an Access Token Validate using Request Token and Consumer

23 Exchange for an Access Token Issue the Access Token Destroy the Request Token

24 Protecting Resources Validate Access Token

25 OAuth Hackathon – Six Apart

26 Thanks!


Download ppt "The How of OAuth OAuth Hackathon – Six Apart"

Similar presentations


Ads by Google