Understanding OAuth2

These days, when you log in to a site, you often have the option of logging in with Facebook or Google. Ever wondered how this login works?
The answer is OAuth. OAuth grants third-party services permission to do certain things on your behalf, for example logging you in as in the case above.
Let's discuss what OAuth is and how it works.
OAuth (Open Authorization) is a protocol for authorization. It lets a user grant one site limited access to certain protected resources held by another site. The sites communicate with each other without you giving away your password; instead, they use authorization tokens to communicate with each other.

OAuth Roles

Let's understand the OAuth roles first, because the flow makes sense only in terms of them. OAuth has the following roles:
  • Resource Owner: The party that grants access to the protected resources. Put simply, it is the end user. In the case above, you are the resource owner, because you are giving a site permission to access your Google or Facebook data.
  • Resource Server: The server that hosts the protected resources. Put simply, it is the API we want to access. In the example above, this is Facebook or Google.
  • Client: The application that requests access to the protected resources. In our case, this is the website from which you are logging in with Facebook or Google.
  • Authorization Server: The server that performs authentication. It authenticates the Resource Owner and issues authorization tokens. Facebook or Google will be the authorization server that authenticates the login and hands out authorization tokens. It is a separate service that Google/Facebook operate for the sole purpose of handling authorization.

OAuth Flow
Now let's see how the protocol works, using the generic flow.
[Figure: Generic OAuth flow]

  1. The web application from which we want to log in asks the resource owner for authorization to use Facebook/Google. The application sends an Authorization Request.
  2. Once you provide correct credentials, you have given the web application permission to use a limited part of your Facebook/Google data. The application receives an Authorization Grant.
  3. The application uses the Authorization Grant it received to send a request to the Facebook/Google service that handles authorization. This is called the access token request.
  4. Provided that the application is successfully authenticated and the Authorization Grant is valid, the Authorization Server issues an access token and sends it to the application.
  5. The application presents the access token and asks Facebook/Google for a protected resource, such as the friend list.
  6. Facebook/Google validates the access token and sends back the requested protected resource.
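To make the six steps concrete, here is an added example (not code from the original post, and not any provider's real implementation) that simulates all three parties of the authorization code flow in one process. The client name "demo-app", its secret, the redirect URL, the user "alice" and her friend list are all constructed values. The example also goes slightly beyond the post: it shows the checks the OAuth 2.0 specification (RFC 6749) expects at each step, such as an exact redirect_uri match, a single-use expiring authorization code, client authentication at the token endpoint, the state value that binds the response to the request, and a scope check at the resource server.

```python
"""Toy simulation of the OAuth 2.0 authorization code flow (added example).

Client app, authorization server and resource server live in one process so
the message exchanged at each step is visible. All names and secrets here
are constructed for illustration.
"""
import secrets
import time
from urllib.parse import urlencode, parse_qs, urlparse

# Constructed registration data: what the client app registered with the provider.
REGISTERED_CLIENTS = {
    "demo-app": {
        "secret": "demo-app-secret",                    # constructed value
        "redirect_uri": "https://demo-app.example/cb",  # constructed value
    }
}


def _query(url):
    """Parse the query string of a URL into a flat dict."""
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


class AuthorizationServer:
    """Authenticates the resource owner and issues codes and access tokens."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.codes = {}    # authorization code -> grant details (single use)
        self.tokens = {}   # access token -> {"user", "scope", "expires"}

    def authorize(self, request_url, user, approved_scope):
        """Steps 1-2: the user logs in and approves; returns the redirect URL."""
        q = _query(request_url)
        client = REGISTERED_CLIENTS.get(q.get("client_id"))
        if client is None or q.get("response_type") != "code" or "state" not in q:
            raise ValueError("unknown client, unsupported response_type or missing state")
        # Exact match against the registered redirect_uri: the code is only
        # ever delivered to the address the client registered.
        if q.get("redirect_uri") != client["redirect_uri"]:
            raise ValueError("redirect_uri mismatch")
        code = secrets.token_urlsafe(24)
        self.codes[code] = {"client_id": q["client_id"], "user": user,
                            "scope": approved_scope, "expires": self.clock() + 60}
        # state is echoed back unchanged so the client can tie this response
        # to the request it started.
        return client["redirect_uri"] + "?" + urlencode({"code": code, "state": q["state"]})

    def token(self, client_id, client_secret, code, redirect_uri):
        """Steps 3-4: the client authenticates and exchanges the grant for a token."""
        client = REGISTERED_CLIENTS.get(client_id)
        if client is None or not secrets.compare_digest(client["secret"], client_secret):
            raise PermissionError("client authentication failed")
        grant = self.codes.pop(code, None)  # pop: a code can be redeemed only once
        if grant is None or grant["client_id"] != client_id:
            raise PermissionError("invalid authorization code")
        if grant["expires"] < self.clock() or redirect_uri != client["redirect_uri"]:
            raise PermissionError("expired code or redirect_uri mismatch")
        token = secrets.token_urlsafe(32)
        self.tokens[token] = {"user": grant["user"], "scope": grant["scope"],
                              "expires": self.clock() + 3600}
        return {"access_token": token, "token_type": "Bearer", "expires_in": 3600}


class ResourceServer:
    """Hosts protected data; serves it only for a valid token with the right scope."""

    def __init__(self, auth_server, clock=time.time):
        # Simplification: the token store is read directly. A real resource
        # server would validate a signed token or call an introspection endpoint.
        self.auth_server = auth_server
        self.clock = clock
        self.friends = {"alice": ["bob", "carol"]}  # constructed protected data

    def get_friends(self, authorization_header):
        """Steps 5-6: validate the bearer token, then return the resource."""
        scheme, _, token = authorization_header.partition(" ")
        info = self.auth_server.tokens.get(token) if scheme == "Bearer" else None
        if info is None or info["expires"] < self.clock():
            raise PermissionError("invalid or expired token")
        if "friends" not in info["scope"]:
            raise PermissionError("insufficient scope")
        return self.friends[info["user"]]


def run_login_flow(auth_server, resource_server):
    """Drive the whole flow as the client app (demo-app) would."""
    state = secrets.token_urlsafe(16)  # kept in the user's session on the client
    auth_request = "https://auth.example/authorize?" + urlencode({
        "response_type": "code", "client_id": "demo-app",
        "redirect_uri": REGISTERED_CLIENTS["demo-app"]["redirect_uri"],
        "scope": "friends", "state": state})
    # The user authenticates at the provider and approves the "friends" scope.
    redirect = auth_server.authorize(auth_request, user="alice", approved_scope={"friends"})
    params = _query(redirect)
    if not secrets.compare_digest(params.get("state", ""), state):
        raise PermissionError("state mismatch: response does not belong to our request")
    tok = auth_server.token("demo-app", "demo-app-secret", params["code"],
                            REGISTERED_CLIENTS["demo-app"]["redirect_uri"])
    return resource_server.get_friends(f"Bearer {tok['access_token']}")


if __name__ == "__main__":
    auth = AuthorizationServer()
    print(run_login_flow(auth, ResourceServer(auth)))  # ['bob', 'carol']
```

Each method maps onto the numbered steps above: authorize() covers steps 1 and 2, token() steps 3 and 4, and get_friends() steps 5 and 6. Note that the client secret and the authorization code never reach the resource server, and the user's Facebook/Google password never reaches the client, which is the whole point of the protocol.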

Hopefully this helps you understand how login with Facebook and Google works.

You can dive deeper into OAuth and related topics with the references given below:
https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2
https://blog.varonis.com/what-is-oauth/
https://blog.indoorway.com/getting-started-with-oauth2-4d4701e2fd8b
https://aaronparecki.com/oauth-2-simplified/
