舉報 
會員
OAuth 2.0 Cookbook
最新章節:
How it works...
ThisbooktargetssoftwareengineersandsecurityexpertswhoarelookingtodeveloptheirskillsinAPIsecurityandOAuth2.0.Priorprogrammingknowledgeandabasicunderstandingofdevelopingwebapplicationsarenecessary.Asthisbook'srecipesmostlyuseSpringSecurityandSpringSecurityOAuth2,somepriorexperiencewithSpringFrameworkwillbehelpful.
最新章節
- How it works...
- How to do it...
- Getting ready
- Protecting the Authorization Server from invalid redirection
- How it works...
- How to do it...
品牌:中圖公司
上架時間:2021-07-08 09:16:49
出版社:Packt Publishing
本書數字版權由中圖公司提供,并由其授權上海閱文信息技術有限公司制作發行
- How it works... 更新時間:2021-07-08 09:35:50
- How to do it...
- Getting ready
- Protecting the Authorization Server from invalid redirection
- How it works...
- How to do it...
- Getting ready
- Protecting the client against Authorization Code injection
- See also
- How it works...
- How to do it...
- Getting ready
- Binding scopes with user roles to protect user's resources
- How it works...
- How to do it...
- Getting ready
- Protecting Resource Server with scope validation
- How it works...
- How to do it...
- Getting ready
- Validating the Resource Server audience
- Introduction
- Avoiding Common Vulnerabilities
- See also
- How it works...
- How to do it...
- Getting ready
- Using dynamic client registration with mobile applications
- See also
- How it works...
- How to do it...
- Getting ready
- Protecting an Android client with PKCE
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Using the Password grant type for client apps provided by the OAuth 2 server
- See also
- How it works...
- How to do it...
- Getting ready
- Creating an Android OAuth 2.0 client using the embedded browser
- See also
- How it works...
- How to do it...
- Getting ready
- Creating an Android OAuth 2.0 client using the Implicit grant type with the system browser
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Creating an Android OAuth 2.0 client using an Authorization Code with the system browser
- How it works...
- How to do it...
- Getting ready
- Preparing an Android development environment
- Introduction
- Implementing Mobile Clients
- See also
- How it works...
- How to do it...
- Getting ready
- Using Microsoft and Google OpenID providers together with Spring Security 5
- See also
- How it works...
- How to do it...
- Getting ready
- Using Google OpenID Connect with Spring Security 5
- See also
- How it works...
- How to do it...
- Getting ready
- Using Facebook to authenticate users
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Obtaining user information from Identity Provider
- See also
- How it works...
- How to do it...
- Getting ready
- Authenticating Google's users through Google OpenID Connect
- Introduction
- OpenID Connect for Authentication
- See also
- How it works...
- How to do it...
- Getting ready
- Using proof-of-possession key on the client side
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Using proof-of-possession key semantics on OAuth 2.0 Provider
- See also
- How it works...
- How to do it...
- Getting ready
- Using JWE at the Resource Server side
- See also
- How it works...
- How to do it...
- Getting ready
- Using JWE to cryptographically protect JWT tokens
- See also
- How it works...
- How to do it...
- Getting ready
- Validating asymmetric signed JWT token
- See also
- How it works...
- How to do it...
- Getting ready
- Asymmetric signing of a JWT token
- See also
- How it works...
- How to do it...
- Getting ready
- Adding custom claims on JWT
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Validating JWT tokens at the Resource Server side
- See also
- How it works...
- How to do it...
- Getting ready
- Generating access tokens as JWT
- Introduction
- Self Contained Tokens with JWT
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Dynamic client registration
- See also
- There's more...
- How to do it...
- Getting ready
- Using Gatling to load test remote token validation
- See also
- How it works...
- How to do it...
- Getting ready
- Improving performance using cache for remote validation
- There's more...
- How it works...
- How to do it...
- Getting ready
- Remote validation using token introspection
- How it works...
- How to do it...
- Getting ready
- Revoking issued tokens
- Introduction
- OAuth 2.0 Profiles
- See also
- How it works...
- How to do it...
- Getting ready
- Accessing an OAuth 2.0 protected API with RestTemplate
- See also
- How it works...
- How to do it...
- Getting ready
- Managing refresh tokens on the client side
- See also
- How it works...
- How to do it...
- Getting ready
- Creating an OAuth 2.0 client using the Client Credentials grant type
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Creating an OAuth 2.0 client using the Resource Owner Password Credentials grant type
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Creating an OAuth 2.0 client using the Implicit grant type
- How it works...
- How to do it...
- Getting ready
- Creating an OAuth 2.0 client using the Authorization Code grant type
- Introduction
- Using OAuth 2.0 Protected APIs
- See also
- How it works...
- How to do it...
- Getting ready
- Using Gatling to load test the token validation process using shared databases
- See also
- How it works...
- How to do it...
- Getting ready
- Breaking the OAuth 2.0 Provider in the middle
- See also
- How it works...
- How to do it...
- Getting ready
- Implementing client registration
- See also
- How it works...
- How to do it...
- Getting ready
- Using Redis as a token store
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Using a relational database to store tokens and client details
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Adding support for refresh tokens
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Configuring the Client Credentials grant type
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Using the Resource Owner Password Credentials grant type as an approach for OAuth 2.0 migration
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Supporting the Implicit grant type
- There's more...
- How it works...
- How to do it...
- Getting ready
- Protecting resources using the Authorization Code grant type
- Introduction
- Implementing Your Own OAuth 2.0 Provider
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Accessing OAuth 2.0 Google protected resources bound to the user's session
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Accessing OAuth 2.0 LinkedIn protected resources
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Reading the user's contacts from Facebook on the server side
- See also
- There's more...
- How it works...
- How to do it...
- Getting ready
- Reading the user's contacts from Facebook on the client side
- See also
- There's more...
- How it works...
- See also
- How to do it...
- Getting ready
- Preparing the environment
- Introduction
- OAuth 2.0 Foundations
- Questions
- Piracy
- Errata
- Downloading the color images of this book
- Downloading the example code
- Customer support
- Reader feedback
- Conventions
- See also
- There's more…
- How it works…
- How to do it…
- Getting ready
- Sections
- Who this book is for
- What you need for this book
- What this book covers
- Preface
- Customer Feedback
- Why subscribe?
- www.PacktPub.com
- About the Reviewer
- About the Author
- Credits
- OAuth 2.0 Cookbook
- Copyright
- Title Page
- coverpage
- coverpage
- Title Page
- Copyright
- OAuth 2.0 Cookbook
- Credits
- About the Author
- About the Reviewer
- www.PacktPub.com
- Why subscribe?
- Customer Feedback
- Preface
- What this book covers
- What you need for this book
- Who this book is for
- Sections
- Getting ready
- How to do it…
- How it works…
- There's more…
- See also
- Conventions
- Reader feedback
- Customer support
- Downloading the example code
- Downloading the color images of this book
- Errata
- Piracy
- Questions
- OAuth 2.0 Foundations
- Introduction
- Preparing the environment
- Getting ready
- How to do it...
- See also
- How it works...
- There's more...
- See also
- Reading the user's contacts from Facebook on the client side
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Reading the user's contacts from Facebook on the server side
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Accessing OAuth 2.0 LinkedIn protected resources
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Accessing OAuth 2.0 Google protected resources bound to the user's session
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Implementing Your Own OAuth 2.0 Provider
- Introduction
- Protecting resources using the Authorization Code grant type
- Getting ready
- How to do it...
- How it works...
- There's more...
- Supporting the Implicit grant type
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Using the Resource Owner Password Credentials grant type as an approach for OAuth 2.0 migration
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Configuring the Client Credentials grant type
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Adding support for refresh tokens
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Using a relational database to store tokens and client details
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Using Redis as a token store
- Getting ready
- How to do it...
- How it works...
- See also
- Implementing client registration
- Getting ready
- How to do it...
- How it works...
- See also
- Breaking the OAuth 2.0 Provider in the middle
- Getting ready
- How to do it...
- How it works...
- See also
- Using Gatling to load test the token validation process using shared databases
- Getting ready
- How to do it...
- How it works...
- See also
- Using OAuth 2.0 Protected APIs
- Introduction
- Creating an OAuth 2.0 client using the Authorization Code grant type
- Getting ready
- How to do it...
- How it works...
- Creating an OAuth 2.0 client using the Implicit grant type
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Creating an OAuth 2.0 client using the Resource Owner Password Credentials grant type
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Creating an OAuth 2.0 client using the Client Credentials grant type
- Getting ready
- How to do it...
- How it works...
- See also
- Managing refresh tokens on the client side
- Getting ready
- How to do it...
- How it works...
- See also
- Accessing an OAuth 2.0 protected API with RestTemplate
- Getting ready
- How to do it...
- How it works...
- See also
- OAuth 2.0 Profiles
- Introduction
- Revoking issued tokens
- Getting ready
- How to do it...
- How it works...
- Remote validation using token introspection
- Getting ready
- How to do it...
- How it works...
- There's more...
- Improving performance using cache for remote validation
- Getting ready
- How to do it...
- How it works...
- See also
- Using Gatling to load test remote token validation
- Getting ready
- How to do it...
- There's more...
- See also
- Dynamic client registration
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Self Contained Tokens with JWT
- Introduction
- Generating access tokens as JWT
- Getting ready
- How to do it...
- How it works...
- See also
- Validating JWT tokens at the Resource Server side
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Adding custom claims on JWT
- Getting ready
- How to do it...
- How it works...
- See also
- Asymmetric signing of a JWT token
- Getting ready
- How to do it...
- How it works...
- See also
- Validating asymmetric signed JWT token
- Getting ready
- How to do it...
- How it works...
- See also
- Using JWE to cryptographically protect JWT tokens
- Getting ready
- How to do it...
- How it works...
- See also
- Using JWE at the Resource Server side
- Getting ready
- How to do it...
- How it works...
- See also
- Using proof-of-possession key semantics on OAuth 2.0 Provider
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Using proof-of-possession key on the client side
- Getting ready
- How to do it...
- How it works...
- See also
- OpenID Connect for Authentication
- Introduction
- Authenticating Google's users through Google OpenID Connect
- Getting ready
- How to do it...
- How it works...
- See also
- Obtaining user information from Identity Provider
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Using Facebook to authenticate users
- Getting ready
- How to do it...
- How it works...
- See also
- Using Google OpenID Connect with Spring Security 5
- Getting ready
- How to do it...
- How it works...
- See also
- Using Microsoft and Google OpenID providers together with Spring Security 5
- Getting ready
- How to do it...
- How it works...
- See also
- Implementing Mobile Clients
- Introduction
- Preparing an Android development environment
- Getting ready
- How to do it...
- How it works...
- Creating an Android OAuth 2.0 client using an Authorization Code with the system browser
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Creating an Android OAuth 2.0 client using the Implicit grant type with the system browser
- Getting ready
- How to do it...
- How it works...
- See also
- Creating an Android OAuth 2.0 client using the embedded browser
- Getting ready
- How to do it...
- How it works...
- See also
- Using the Password grant type for client apps provided by the OAuth 2 server
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Protecting an Android client with PKCE
- Getting ready
- How to do it...
- How it works...
- See also
- Using dynamic client registration with mobile applications
- Getting ready
- How to do it...
- How it works...
- See also
- Avoiding Common Vulnerabilities
- Introduction
- Validating the Resource Server audience
- Getting ready
- How to do it...
- How it works...
- Protecting Resource Server with scope validation
- Getting ready
- How to do it...
- How it works...
- Binding scopes with user roles to protect user's resources
- Getting ready
- How to do it...
- How it works...
- See also
- Protecting the client against Authorization Code injection
- Getting ready
- How to do it...
- How it works...
- Protecting the Authorization Server from invalid redirection
- Getting ready
- How to do it...
- How it works... 更新時間:2021-07-08 09:35:50
