Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- AUTHORIZATION

  4 ways to obtain access token in OAuth 2.0

OAuth 2.0 is an authorization mechanism, it's ,mainly used for issuing access token. There are 4 ways to obtain access token as per RFC 6749. Authorization code Implicit Password Client credentials The third party application must obtain a client id and client secret from the target service before obtaining access token no matter which method to use. This is to prevent token to be used maliciously. Authorization code With this method, the third party application must first get an authorization...

   OAUTH2,ACCESS TOKEN,REFRESH TOKEN     2019-06-29 07:12:03

  PHP to get access token for Sina Weibo app

Previously I wrote two articles about getting access token for Facebook and Twitter apps using PHP. Today I will write one more article about getting access token for Sina Weibo app using PHP. OAuth 2.0 is now the authorization mechanism of Sina Weibo API. The API authorization process is similar to the process of Twitter. It has basically two steps: 1. Authorization; 2. Get access token. 1. Create an app. I hope you know how to create an app in Sina Weibo now. If not. You can access this page ...

   PHP,access token,Sina Weibo     2013-05-16 12:07:39

  PHP to get access token for Facebook app

Since Facebook is now using OAuth 2.0 to authenticate apps to access user information. the SDK of Facebook has provided developers some useful functions to get authentication done. For example, in PHP SDK, there are getAccessToken(), getLoginUrl() etc. But unfortunately, for me I cannot use getAccessToken() method to get the user access token, it only returns me the app access token. Finally I gave up this approach to get access token for the time being. I may later retry this approach if I have...

   Faceook,PHP,Access token,signed request     2012-03-27 12:37:46

  Mozilla releases a web identity system : Persona

Now almost every website requires the user to register, there are many benefits of registration for a website, such as retaining users, accommodating discussions, providing customized content and so on.But there is too much trouble if each site requires registration, right?Of course, users can also have their own way, for those less important sites, for example, using a unified user name, password and email so that you only need to remember one account. Then, we also see some advanced methods em...

   Mozilla,Persona,Security,ID     2012-09-28 12:02:25

  Accessing Reddit top posts using OAuth

Previously one can use the https://www.reddit.com/r/rprogramming/top.json API to access one subreddit's top posts. This API doesn't require any access token to fetch the data. However, this API may not work all the time. Reddit may block the API's request if it finds that you are using a script or some app which accesses the API now and then. For an app or script which needs to fetch the data routinely, what should we do? Reddit provides one method which can be used to fetch this kind of to...

   REDDIT,OAUTH,TOP POSTS,HOT POSTS     2023-12-16 07:24:14

  PHP to get access token for Twitter app

Previously we wrote an article about getting access token for Facebook app--PHP to get access token for Facebook app. Today we will introduce how to get access token for Twitter app using PHP. Since now Twitter is also using OAuth 2.0 to allow some web apps to access some users information on behalf of one user. They provided some APIs for developers to easily get them integrated with their own websites. The first step to get all these done is how to get the access token, the access token seems ...

   Twitter,OAuth,access token,PHP     2013-03-03 03:49:26

  PHP to integrate with Sign in with Google

Google has a huge user base and hence it provides an authentication service for third party service to integrate with them so that people can sign in with Google in their services. Google also adopts OAuth 2 to provide this kind of Open ID connect service. This post will introduce how to integrate with sign in with Google functionality in your PHP website.  Create a client app on Google The first step you should follow is to create a Google app, you can follow the post here to create the p...

   PHP,GOOGLE API,OPEN API,SIGN IN WITH GOOGLE     2019-03-03 02:00:09

  Kubernetes Authentication & Authorization 101

If we want to build a system with user modules, Authentication and Authorization are something that we can never ignore, though they could be fuzzy to understand. Authentication (from Greek: αὐθεντικÏŒς authentikos, “real, genuine”, from αὐθέντης authentes, “author”) is the act of proving an assertion, such as the identity of a computer s...

   RBAC,AUTHORIZATION,AUTHENTICATION,KUBERNETES     2021-06-05 23:19:18

  Using htpasswd to protect your website in Nginx

We need to build a password protected website frequently such as an internal website within the team, demo website. Here what we are talking about is password protection in Nginx server level instead of application level registration and login. We are going to use Nginx server configuration and htpasswd file to achieve password authentication. The final result looks like below(Different browsers may have different interfaces): If the authentication fails, it will report a HTTP error: 401 Author...

   Nginx,Password protected,htpasswd     2013-06-07 21:35:27

  Basic Mistakes Developers Make When Creating APIs

Today, there are many tools that developers can use to create an API, meaning that some of them can come up with an API within a matter of minutes. However, there is a vast difference between just creating an API and building one that meets all your expectations, is reliable and secure. Some developers create APIs that work well but forget some basic things that, within no time, bring a lot of issues to the API users. In this article, we are going to talk about the basic mistakes that developers...

   API,API DESIGN,RESTFUL API     2020-08-19 07:54:03

RECENT