The OAuth 2.0 framework and its specifications
In the previous chapter, we briefly covered OAuth and why this protocol is well suited for modern applications. OAuth is an authorization framework designed specifically for the security scenarios that applications face today when authenticating users and connecting various services together.
The OAuth 2.0 authorization framework is a delegation protocol that lets the user grant an application or service access to protected resources without the application impersonating the user and without the user revealing their credentials. To do this, OAuth 2.0 introduces an authorization layer where the role of the client is separated from the role of the resource owner. The application can request authorization from the owner of the resource, and it will receive tokens that it can use to access those resources. These tokens represent delegated permissions to access the resource, without the need for the application to impersonate the user who...