Introduction
This chapter will present you with the means to better protect applications that interact with the OAuth 2.0 ecosystem. That's to protect all the main components of OAuth 2.0 against common issues. The components that will be covered are the client and the OAuth Provider, which is composed by the Authorization Server and the Resource Server.
Note
This chapter presents some recipes based on concepts I have explained in detail on OAuth 2.0 book https://www.casadocodigo.com.br/products/livro-oauth (published in Portuguese to explain the protocol). Also, it presents you some best practices to avoid common vulnerabilities when working with OAuth 2.0, be aware to always protect connections with SSL/TLS when running these recipes in production.