ONE$ && ZER0$

In previous blog posts about OAuth 2.0  and  OAuth Grant Types  I discussed about the basic idea of OAuth 2.0 framework and the four main grant types of retrieving an access-token. Comparing all four grant types, you can see that the "Authorization code" grant type is somewhat complex than the other three grant types. So, I thought about developing a simple web based java application just to demonstrate the message passing (requests and responses) flow of  OAuth 2.0 Authorization code grant type. Again, if you are not familiar with OAuth 2.0 framework or its grant types, visit my blog posts about, OAuth 2.0  OAuth 2.0 Token Grants   😊 As I was saying, I developed an application to demonstrate the flow of authorization_code grant, and I used JAVA as the language, Apache Maven as the building tool and Apache Tomcat as the web server. Lets see how this works. 😉 As you remember, the first thing to do as a client is to get the authorization code....

If you try to create an account or login to some websites or any other application, as an example when you want to create an account in N VIDIA, there’s an option that you can create an account simply by using facebook. So there’s this button called “Login with Facebook” which you click and use your facebook account’s details. It’s easy to use facebook than creating a new account and remembering the passwords and all, and your facebook account also holds the relevant information. Did you ever think about what’s happening behind the scene of this process? That’s where the OAuth comes in. OAuth is an authorization framework that enables a third-party application to obtain limited access and use authorized resources of a HTTP service, as an example facebook. This can happen either on behalf of a resource owner by arranging an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own be...