Packt+ | Advance your knowledge in tech

0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

OAuth 2.0 Cookbook

You're reading from OAuth 2.0 Cookbook Protect your web applications using Spring Security

Product type Paperback

Published in Oct 2017

Publisher Packt

ISBN-13 9781788295963

Length 420 pages

Edition 1st Edition

Tools

OAuth

Concepts

Front End Web Development

Author (1):

Adolfo Eloy Nascimento

View More author details

Table of Contents (9) Chapters

Preface

1. OAuth 2.0 Foundations FREE CHAPTER

2. Implementing Your Own OAuth 2.0 Provider

3. Using OAuth 2.0 Protected APIs

4. OAuth 2.0 Profiles

5. Self Contained Tokens with JWT

6. OpenID Connect for Authentication

7. Implementing Mobile Clients

8. Avoiding Common Vulnerabilities

Protecting an Android client with PKCE

When implementing OAuth 2.0 native mobile applications, it's required that you handle the redirection URI when using the Authorization Code or the Implicit grant types. Handing the callback started by the OAuth 2.0 Provider can be achieved by registering a URI scheme strategy. But how can we protect the Authorization Code to be delivered to the right client application? If another client application (a malicious one) registers an activity to listen to the same URI scheme registered for our application, the operational system (in this case Android), will prompt the user with the means to select which application to use. If the user selects the bad one, the Authorization Code will be delivered to the bad application which can request an access token improperly. The PKCE is defined by RFC 7636 just to address this kind of problem and this recipe will help you implement a native application that relies on PKCE to be protected against Authorization Code...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Adolfo Eloy Nascimento

Adolfo Eloy Nascimento

Adolfo Eloy Nascimento is a software engineer at Elo7, he has a Bachelors degree in Computer Science, and has been working with software development since 1999. In around 2003, he started working with web development implementing applications using ASP, PHP4/5, JavaScript, and Java (sometimes he still does some maintenance for a Ruby on Rails application). He started using OAuth 2.0 two years ago, when designing applications using microservice architectures, as well as modeling and interacting with public APIs. As a tech enthusiast, Adolfo also likes to read and learn about programming languages and new technologies. He also believes that besides creating new applications, it is also important to share the knowledge he has acquired, which is what he does by writing for his personal blog, writing articles for Java Magazine in Brazil, and also writing tech books.

See other products by Adolfo Eloy Nascimento

Other recommended products

Related to this chapter

Hands-On Spring Security 5 for Reactive Applications

Hands-On Spring Security 5 for Reactive Applications

Security is one of the most vital concerns for any organization. The complexity of an application is compounded when you need to integrate security with existing code, new technology, and other frameworks. This book will show you how to effectively write Java code that is robust and easy to maintain.

Jul 2018 8h 56m

Hands-On Spring Security 5 for Reactive Applications

Hands-On Spring Security 5 for Reactive Applications

Security is one of the most vital concerns for any organization. The complexity of an application is compounded when you need to integrate security with existing code, new technology, and other frameworks. This book will show you how to effectively write Java code that is robust and easy to maintain.

Jul 2018 8h 56m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Keycloak - Identity and Access Management for Modern Applications

Keycloak - Identity and Access Management for Modern Applications

This book is your guide to learning how to install, configure, and manage Keycloak optimally for securing your applications. With the help of easy-to-follow examples, you will gain a complete understanding of Keycloak's various features and how to enable authentication and authorization in applications using it.

Jun 2021 12h 4m

Personalised recommendations for you

Based on your interests and search pattern

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m