Packt+ | Advance your knowledge in tech

0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

OAuth 2.0 Cookbook

You're reading from OAuth 2.0 Cookbook Protect your web applications using Spring Security

Product type Paperback

Published in Oct 2017

Publisher Packt

ISBN-13 9781788295963

Length 420 pages

Edition 1st Edition

Tools

OAuth

Concepts

Front End Web Development

Author (1):

Adolfo Eloy Nascimento

View More author details

Table of Contents (9) Chapters

Preface

1. OAuth 2.0 Foundations FREE CHAPTER

2. Implementing Your Own OAuth 2.0 Provider

3. Using OAuth 2.0 Protected APIs

4. OAuth 2.0 Profiles

5. Self Contained Tokens with JWT

6. OpenID Connect for Authentication

7. Implementing Mobile Clients

8. Avoiding Common Vulnerabilities

Creating an Android OAuth 2.0 client using the Implicit grant type with the system browser

The specification for OAuth 2.0, which is RFC 6749, address native mobile applications with just a small section. It does not states which grant type must be used or not, although it mentions the usage of Authorization Code and Implicit grant type. The only concern when using Implicit grant type is about that a refresh token is not returned requiring the authorization processes once the access token expires. Even though, the most recent specification, OAuth 2.0 for native apps (RFC 8252) states that implicit flow isn't recommended for native apps, basically because by using this grant type the client application will not be able to use PKCE, which avoids interception attacks (we will see more about PKCE in the Protecting an Android client with PKCE recipe).

Despite these considerations, this recipe still presents you with how to use the Implicit grant type, because depending on your scenario, you might...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Adolfo Eloy Nascimento

Adolfo Eloy Nascimento

Adolfo Eloy Nascimento is a software engineer at Elo7, he has a Bachelors degree in Computer Science, and has been working with software development since 1999. In around 2003, he started working with web development implementing applications using ASP, PHP4/5, JavaScript, and Java (sometimes he still does some maintenance for a Ruby on Rails application). He started using OAuth 2.0 two years ago, when designing applications using microservice architectures, as well as modeling and interacting with public APIs. As a tech enthusiast, Adolfo also likes to read and learn about programming languages and new technologies. He also believes that besides creating new applications, it is also important to share the knowledge he has acquired, which is what he does by writing for his personal blog, writing articles for Java Magazine in Brazil, and also writing tech books.

See other products by Adolfo Eloy Nascimento

Other recommended products

Related to this chapter

Hands-On Spring Security 5 for Reactive Applications

Hands-On Spring Security 5 for Reactive Applications

Security is one of the most vital concerns for any organization. The complexity of an application is compounded when you need to integrate security with existing code, new technology, and other frameworks. This book will show you how to effectively write Java code that is robust and easy to maintain.

Jul 2018 8h 56m

Hands-On Spring Security 5 for Reactive Applications

Hands-On Spring Security 5 for Reactive Applications

Security is one of the most vital concerns for any organization. The complexity of an application is compounded when you need to integrate security with existing code, new technology, and other frameworks. This book will show you how to effectively write Java code that is robust and easy to maintain.

Jul 2018 8h 56m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Personalised recommendations for you

Based on your interests and search pattern

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m