The OAuth In Action book gives a good explanation of OAuth2.
On this site I am referring to its examples and diagrams.
My name is Ramesh Vankayala, currently working as a senior architect.
OAuth2 - Authorization grant type:
Ex: Ramesh has a cloud photo-storage service and a photo printing service, and wants to be able to print the photos that he has stored in the storage service.
Ramesh has access to:
1) Photo Printing Service
2) Cloud Photo-storage Service
Now the Photo Printing Service wants access to:
1) Cloud Photo-Storage Service, so that it will be able to print the photos.
This means Ramesh delegates his access to the Photo Printing Service; the Photo Printing Service will then contact the Cloud Photo-storage Service to print the photos.
In the OAuth protocol there are 4 actors:
1) Resource Owner / End User
2) Authorization Server
3) Resource Server
4) OAuth Client / Client
The above use case converted into actors:
Resource Owner – Ramesh
OAuth Client – Photo Printing Service
Resource Server – Cloud Photo-Storage Service
Below is the diagram.
If the end user shares his credentials with the client (Printer Access Service), the printer service can print or delete photos; we don't know what the client will do with them.
The protected resource (Storage Service) doesn't know whether the application is the real user or is acting on behalf of the real user (proxy user).
Now the Authorization Server (AS) component is introduced, which is trusted by the protected resource. The Authorization Server issues tokens, which are accepted by the protected resource.
OAuth is a delegation protocol that provides authorization across systems.
To achieve this, Ramesh (Resource Owner) delegates his access to the Photo Printing Service (OAuth Client) through the Authorization Server.
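The delegation described above, modeled in memory as an added example (not code from the book or from this post): the class names, the scope strings such as photos:read and the returned status codes are assumptions for illustration. It shows the protected resource accepting only what the owner delegated through the authorization server, which is what shared credentials cannot give.

```javascript
// Added illustration; class names, scopes and status codes are hypothetical.
const crypto = require('crypto');

// Authorization Server: issues opaque tokens once the resource owner has
// approved the client's request (the approval step itself is assumed here).
class AuthorizationServer {
  constructor() { this.tokens = new Map(); }
  issueToken(owner, clientId, scopes, ttlMs = 60000) {
    const token = crypto.randomBytes(32).toString('hex');
    this.tokens.set(token, { owner, clientId, scopes: new Set(scopes), exp: Date.now() + ttlMs });
    return token;
  }
  revoke(token) { this.tokens.delete(token); }
  introspect(token) { // lookup used by the protected resource, which trusts this server
    const rec = this.tokens.get(token);
    return rec && rec.exp > Date.now() ? rec : null;
  }
}

// Protected Resource: never sees the owner's password, only tokens from the AS.
class PhotoStorage {
  constructor(authz) { this.authz = authz; this.photos = { ramesh: ['beach.jpg', 'family.jpg'] }; }
  authorize(token, scope) {
    const rec = this.authz.introspect(token);
    if (!rec) return { ok: false, status: 401 };                   // unknown, expired or revoked
    if (!rec.scopes.has(scope)) return { ok: false, status: 403 }; // not delegated
    return { ok: true, rec };
  }
  list(token) {
    const a = this.authorize(token, 'photos:read');
    return a.ok ? { status: 200, photos: [...this.photos[a.rec.owner]] } : { status: a.status };
  }
  remove(token, name) {
    const a = this.authorize(token, 'photos:delete');
    if (!a.ok) return { status: a.status };
    this.photos[a.rec.owner] = this.photos[a.rec.owner].filter(p => p !== name);
    return { status: 204 };
  }
}

// Constructed scenario: Ramesh delegates read-only access to the printing service.
function demo() {
  const authz = new AuthorizationServer();
  const storage = new PhotoStorage(authz);
  const token = authz.issueToken('ramesh', 'photo-printing-service', ['photos:read']);
  const read = storage.list(token).status;               // delegated
  const del = storage.remove(token, 'beach.jpg').status; // never delegated
  authz.revoke(token);
  const afterRevoke = storage.list(token).status;        // access withdrawn
  return { read, del, afterRevoke, remaining: storage.photos.ramesh.length };
}
```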
1) OAuth In Action Book Examples Download
Now I am going to explain the above use case in OAuth2 style.
Resource Owner: Ramesh Vankayala / End User
Authorization Server: Authorization Server
OAuth Client: Photo Printing Service
Protected Resource: Cloud Printing Service
HTTP Basic Auth / HTTP Digest Auth: both are interchangeable.
Client - Trusted Client / Certified Client / Dynamically Registered Client.
Prerequisites to execute OAuth2
1) Download and install Node.js from https://nodejs.org/en/download/. At the time of writing the node version is 10.15.3; select the Windows 64-bit zip and download it.
2) Unzip the zip file, for example to C:\Softwares\node-v10.15.3-win-x64, then add this location to the system environment Path variable:
Path=%Path%;.;C:\Softwares\node-v10.15.3-win-x64
3) Open the command line and check node -v and npm -v
4) For my demo I am referring to exercises\ch-3-ex-1