Log In
Or create an account -> 
Imperial Library
  • Home
  • About
  • News
  • Upload
  • Forum
  • Help
  • Login/SignUp

Index
Preface
What this book covers What you need for this book Who this book is for Sections
Getting ready How to do it… How it works… There's more… See also
Conventions Reader feedback Customer support
Downloading the example code Downloading the color images of this book Errata Piracy Questions
OAuth 2.0 Foundations
Introduction Preparing the environment
Getting ready How to do it... See also How it works... There's more... See also
Reading the user's contacts from Facebook on the client side
Getting ready How to do it... How it works... There's more... See also
Reading the user's contacts from Facebook on the server side
Getting ready How to do it... How it works... There's more... See also
Accessing OAuth 2.0 LinkedIn protected resources
Getting ready How to do it... How it works... There's more... See also
Accessing OAuth 2.0 Google protected resources bound to the user's session
Getting ready How to do it... How it works... There's more... See also
Implementing Your Own OAuth 2.0 Provider
Introduction Protecting resources using the Authorization Code grant type
Getting ready How to do it... How it works... There's more...
Supporting the Implicit grant type
Getting ready How to do it... How it works... There's more... See also
Using the Resource Owner Password Credentials grant type as an approach for OAuth 2.0 migration
Getting ready How to do it... How it works... There's more... See also
Configuring the Client Credentials grant type
Getting ready How to do it... How it works... There's more... See also
Adding support for refresh tokens
Getting ready How to do it... How it works... There's more... See also
Using a relational database to store tokens and client details
Getting ready How to do it... How it works... There's more... See also
Using Redis as a token store
Getting ready How to do it... How it works... See also
Implementing client registration
Getting ready How to do it... How it works... See also
Breaking the OAuth 2.0 Provider in the middle
Getting ready How to do it... How it works... See also
Using Gatling to load test the token validation process using shared databases
Getting ready How to do it... How it works... See also
Using OAuth 2.0 Protected APIs
Introduction Creating an OAuth 2.0 client using the Authorization Code grant type
Getting ready How to do it... How it works...
Creating an OAuth 2.0 client using the Implicit grant type
Getting ready How to do it... How it works... There's more... See also
Creating an OAuth 2.0 client using the Resource Owner Password Credentials grant type
Getting ready How to do it... How it works... There's more... See also
Creating an OAuth 2.0 client using the Client Credentials grant type
Getting ready How to do it... How it works... See also
Managing refresh tokens on the client side
Getting ready How to do it... How it works... See also
Accessing an OAuth 2.0 protected API with RestTemplate
Getting ready How to do it... How it works... See also
OAuth 2.0 Profiles
Introduction Revoking issued tokens
Getting ready How to do it... How it works...
Remote validation using token introspection
Getting ready How to do it... How it works... There's more...
Improving performance using cache for remote validation
Getting ready How to do it... How it works... See also
Using Gatling to load test remote token validation
Getting ready How to do it... There's more... See also
Dynamic client registration
Getting ready How to do it... How it works... There's more... See also
Self Contained Tokens with JWT
Introduction Generating access tokens as JWT
Getting ready How to do it... How it works... See also
Validating JWT tokens at the Resource Server side
Getting ready How to do it... How it works... There's more... See also
Adding custom claims on JWT
Getting ready How to do it... How it works... See also
Asymmetric signing of a JWT token
Getting ready How to do it... How it works... See also
Validating asymmetric signed JWT token
Getting ready How to do it... How it works... See also
Using JWE to cryptographically protect JWT tokens
Getting ready How to do it... How it works... See also
Using JWE at the Resource Server side
Getting ready How to do it... How it works... See also
Using proof-of-possession key semantics on OAuth 2.0 Provider
Getting ready How to do it... How it works... There's more... See also
Using proof-of-possession key on the client side
Getting ready How to do it... How it works... See also
OpenID Connect for Authentication
Introduction Authenticating Google's users through Google OpenID Connect
Getting ready How to do it... How it works... See also
Obtaining user information from Identity Provider
Getting ready How to do it... How it works... There's more... See also
Using Facebook to authenticate users
Getting ready How to do it... How it works... See also
Using Google OpenID Connect with Spring Security 5
Getting ready How to do it... How it works... See also
Using Microsoft and Google OpenID providers together with Spring Security 5
Getting ready How to do it... How it works... See also
Implementing Mobile Clients
Introduction Preparing an Android development environment
Getting ready How to do it... How it works...
Creating an Android OAuth 2.0 client using an Authorization Code with the system browser
Getting ready How to do it... How it works... There's more... See also
Creating an Android OAuth 2.0 client using the Implicit grant type with the system browser
Getting ready How to do it... How it works... See also
Creating an Android OAuth 2.0 client using the embedded browser
Getting ready How to do it... How it works... See also
Using the Password grant type for client apps provided by the OAuth 2 server
Getting ready How to do it... How it works... There's more... See also
Protecting an Android client with PKCE
Getting ready How to do it... How it works... See also
Using dynamic client registration with mobile applications
Getting ready How to do it... How it works... See also
Avoiding Common Vulnerabilities
Introduction Validating the Resource Server audience
Getting ready How to do it... How it works...
Protecting Resource Server with scope validation
Getting ready How to do it... How it works...
Binding scopes with user roles to protect user's resources
Getting ready How to do it... How it works... See also
Protecting the client against Authorization Code injection
Getting ready How to do it... How it works...
Protecting the Authorization Server from invalid redirection
Getting ready How to do it... How it works...
  • ← Prev
  • Back
  • Next →
  • ← Prev
  • Back
  • Next →

Chief Librarian: Las Zenow <zenow@riseup.net>
Fork the source code from gitlab.

This is a mirror of the Tor onion service:
http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion