Prezi

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in the manual

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

OAuth 2.0 Server Side

OAuth 2.0 lets 3rd party web/mobile apps to authenticate users with well known identity providers(such as Facebook, Google, Microsoft, Amazon). This provides great convenience for app users as they don't need to create new accounts.
by David Cai on 15 May 2013

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of OAuth 2.0 Server Side

OAuth 2.0 Server Side OAuth 2.0 Protocol Sample App Demo Protocol diagram Sample implementation IDP differences Amazon Hotmail get oauth url invoke oauth pass to server get access_token get IDP data get oauth url invoke oauth pass to server get access_token get IDP data (window.location.assign) String getFBOAuthURI(String stateStr) {
StringBuilder builder = new StringBuilder();
builder.append("https://www.facebook.com/dialog/oauth?");
builder.append("client_id=").append(FB_OAUTH_APP_ID);
builder.append("&redirect_uri=").append(OAUTH_APP_REDIRECT);
builder.append("
builder.append("
return builder.toString();
} Get OAuth URL String getFBAccessToken(String code) throws IOException {
StringBuilder urlStr = new StringBuilder
("https://graph.facebook.com/oauth/access_token?");
urlStr.append("client_id=").append(FB_OAUTH_APP_ID);
urlStr.append("&client_secret=").append(FB_OAUTH_APP_SECRET);
urlStr.append("&redirect_uri=").append(OAUTH_LOCAL_REDIRECT);
urlStr.append("
URL url = new URL(urlStr.toString());
return accessToken;
} Get FB Access_Token StringBuilder urlStr = new StringBuilder
("https://accounts.google.com/o/oauth2/token");
URL url = new URL(urlStr.toString());
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setDoOutput(true);
connection.setRequestMethod("POST");
OutputStreamWriter writer = new OutputStreamWriter(connection.getOutputStream());
writer.write("code=" + code);
writer.write("&client_id=" + GOOGLE_OAUTH_APP_ID);
writer.write("&client_secret=" + GOOGLE_OAUTH_APP_SECRET);
writer.write("&redirect_uri=" + OAUTH_APP_REDIRECT);
writer.write(" Get Google/MS Access_Token Facebook:
https://graph.facebook.com/me?access_token=<AT>
Google:
https://www.googleapis.com/oauth2/v2/userinfo?access_token=<AT>
Microsoft:
https://apis.live.net/v5.0/me?access_token=<AT>

References:
https://developers.facebook.com/tools/explorer
https://developers.google.com/oauthplayground/ Get IDP data &scope=email"); &state=").append(stateStr); &code=").append(code); &grant_type=authorization_code"); Amazon Hotmail get oauth url invoke oauth pass to server get access_token get IDP data (window.location.assign) {oauthURI:https://www.facebook.com/dialog/oauth?client_id=<your app id>&redirect_uri=<your server endpoint>&scope=email&state=<random value to prevent CSRF>} Get OAuth URL String getFBAccessToken(String code) throws IOException {
StringBuilder urlStr = new StringBuilder
("https://graph.facebook.com/oauth/access_token?");
urlStr.append("client_id=").append(FB_OAUTH_APP_ID);
urlStr.append("&client_secret=").append(FB_OAUTH_APP_SECRET);
urlStr.append("&redirect_uri=").append(OAUTH_LOCAL_REDIRECT);
urlStr.append("
URL url = new URL(urlStr.toString());
return accessToken;
} Get FB Access_Token StringBuilder urlStr = new StringBuilder
("https://accounts.google.com/o/oauth2/token");
URL url = new URL(urlStr.toString());
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setDoOutput(true);
connection.setRequestMethod("POST");
OutputStreamWriter writer = new OutputStreamWriter(connection.getOutputStream());
writer.write("code=" + code);
writer.write("&client_id=" + GOOGLE_OAUTH_APP_ID);
writer.write("&client_secret=" + GOOGLE_OAUTH_APP_SECRET);
writer.write("&redirect_uri=" + OAUTH_APP_REDIRECT);
writer.write(" Get Google/MS Access_Token Facebook:
https://graph.facebook.com/me?access_token=<AT>
Google:
https://www.googleapis.com/oauth2/v2/userinfo?access_token=<AT>
Microsoft:
https://apis.live.net/v5.0/me?access_token=<AT>

References:
https://developers.facebook.com/tools/explorer
https://developers.google.com/oauthplayground/ Get IDP data &code=").append(code); &grant_type=authorization_code"); Amazon Hotmail IDP Comparison Thank You!
See the full transcript