Close Menu
    Monday, June 16
    eBusiness and eMarketing

    OAuth 2 in Action

    TeamBy No Comments4 Mins Read0 Views
    1750010242 61WULWHF2dL. SL1500 OAuth 2 in Action Edu Expertise Hub Web Browsers

    Price: $56.08
    (as of Jun 15, 2025 17:57:25 UTC – Details)

    amazon buy now button 300x148 1 OAuth 2 in Action Edu Expertise Hub Web Browsers

    Summary

    OAuth 2 in Action teaches you the practical use and deployment of this HTTP-based protocol from the perspectives of a client, authorization server, and resource server. You’ll learn how to confidently and securely build and deploy OAuth on both the client and server sides. Foreword by Ian Glazer.

    Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

    About the Technology

    Think of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services.

    About the Book

    OAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You’ll begin with an overview of OAuth and its components and interactions. Next, you’ll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you’ll dig into tokens, dynamic client registration, and more advanced topics. By the end, you’ll be able to confidently and securely build and deploy OAuth on both the client and server sides.

    What’s Inside

    Covers OAuth 2 protocol and designAuthorization with OAuth 2OpenID Connect and User-Managed AccessImplementation risksJOSE, introspection, revocation, and registrationProtecting and accessing REST APIs
    About the Reader

    Readers need basic programming skills and knowledge of HTTP and JSON.

    About the Author

    Justin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source.

    Table of Contents

    Part 1 – First stepsWhat is OAuth 2.0 and why should you care?The OAuth dance Part 2 – Building an OAuth 2 environmentBuilding a simple OAuth client Building a simple OAuth protected resource Building a simple OAuth authorization server OAuth 2.0 in the real world Part 3 – OAuth 2 implementation and vulnerabilitiesCommon client vulnerabilities Common protected resources vulnerabilities Common authorization server vulnerabilities Common OAuth token vulnerabilities Part 4 – Taking OAuth furtherOAuth tokens Dynamic client registration User authentication with OAuth 2.0 Protocols and profiles using OAuth 2.0 Beyond bearer tokens Summary and conclusions

    From the Publisher

    639866b8 f947 4a16 b221 81a6f7962789. SL300 OAuth 2 in Action Edu Expertise Hub Web Browsers639866b8 f947 4a16 b221 81a6f7962789. SL300 OAuth 2 in Action Edu Expertise Hub Web Browsers

    About this Book

    This book is intended to be a comprehensive and thorough treatment of the OAuth 2.0 protocol and many of its surrounding technologies, including OpenID Connect and JOSE/JWT. We want you to come away from this book with a deep understanding of what OAuth can do, why it works the way that it does, and how to deploy it properly and securely in an unsafe internet.

    The target reader for this book is someone who’s probably used OAuth 2.0, or at least heard of it, but doesn’t really know how it works or why it works that way. Maybe you’ve even developed one or more OAuth 2.0 components, such as a client to talk to a specific API, but you’re curious about other kinds of clients, or other parts of the OAuth 2.0 ecosystem. Perhaps you wonder, ‘What’s the authorization server doing when you go ask for that authorization code, anyway?’ Or perhaps you’re tasked with protecting an API and you want to know if OAuth 2.0 is really going to do the job, and if so, how are you supposed to manage that? Maybe in your day job you’re building a client, but you want to know what the protected resource does with that token you sent it. Or maybe you’re building and protecting an API, but you want to know what the authorization server you’re talking to does to get those tokens into the right place. We want you to understand what the tool, OAuth 2.0, is really good at and how you can wield it effectively.

    We’re going to assume you know the basics of how HTTP works, and at least understand the utility of encrypting connections using TLS, if not the intimate details of how it works. Our code is all in JavaScript, but this isn’t a book about JavaScript, and so we’ve done our best to explain the abstractions and functionality that the code itself represents so that you can apply it to your own platform and language.

    Publisher ‏ : ‎ Manning
    Publication date ‏ : ‎ March 18, 2017
    Edition ‏ : ‎ First Edition
    Language ‏ : ‎ English
    Print length ‏ : ‎ 360 pages
    ISBN-10 ‏ : ‎ 161729327X
    ISBN-13 ‏ : ‎ 978-1617293276
    Item Weight ‏ : ‎ 1.35 pounds
    Dimensions ‏ : ‎ 7.38 x 0.8 x 9.25 inches

    This post is exclusively published on eduexpertisehub.com
    Share.

    Related Posts