SEARCH KEYWORD -- REFRESH TOKEN
4 ways to obtain access token in OAuth 2.0
OAuth 2.0 is an authorization mechanism, it's ,mainly used for issuing access token. There are 4 ways to obtain access token as per RFC 6749. Authorization code Implicit Password Client credentials The third party application must obtain a client id and client secret from the target service before obtaining access token no matter which method to use. This is to prevent token to be used maliciously. Authorization code With this method, the third party application must first get an authorization...
OAUTH2,ACCESS TOKEN,REFRESH TOKEN 2019-06-29 07:12:03
Remote form submission
Remote form submission is way of submitting HTML forms from local to a particular remote server. This is used by many advertisers, spammers or even hackers to submit bad data to other websites in order to get what they want. They can write some automation scripts to help them do spamming. How can people do remote form submission and how to prevent this kind of attacks? Since a website can be accessed by almost every one, so one can save a local copy of a HTML form of a website through File->S...
PHP,Security,Remote form submission 2013-07-14 01:04:49
PHP to get access token for Facebook app
Since Facebook is now using OAuth 2.0 to authenticate apps to access user information. the SDK of Facebook has provided developers some useful functions to get authentication done. For example, in PHP SDK, there are getAccessToken(), getLoginUrl() etc. But unfortunately, for me I cannot use getAccessToken() method to get the user access token, it only returns me the app access token. Finally I gave up this approach to get access token for the time being. I may later retry this approach if I have...
Faceook,PHP,Access token,signed request 2012-03-27 12:37:46
PHP to get access token for Sina Weibo app
Previously I wrote two articles about getting access token for Facebook and Twitter apps using PHP. Today I will write one more article about getting access token for Sina Weibo app using PHP. OAuth 2.0 is now the authorization mechanism of Sina Weibo API. The API authorization process is similar to the process of Twitter. It has basically two steps: 1. Authorization; 2. Get access token. 1. Create an app. I hope you know how to create an app in Sina Weibo now. If not. You can access this page ...
PHP,access token,Sina Weibo 2013-05-16 12:07:39
PHP to integrate with Sign in with Google
Google has a huge user base and hence it provides an authentication service for third party service to integrate with them so that people can sign in with Google in their services. Google also adopts OAuth 2 to provide this kind of Open ID connect service. This post will introduce how to integrate with sign in with Google functionality in your PHP website. Create a client app on Google The first step you should follow is to create a Google app, you can follow the post here to create the p...
PHP,GOOGLE API,OPEN API,SIGN IN WITH GOOGLE 2019-03-03 02:00:09
Introduction to OAuth (in Plain English)
Last week we talked about giving away your passwords and how you should never do it. When a website wants to use the services of another—such as Bitly posting to your Twitter stream—instead of asking you to share your password, they should use OAuth instead. OAuth is an authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password. This is a quick guide to illustrate, as simply as possibl...
Security,OAuth,Permission,Partial access 2012-04-05 11:39:54
PHP to get access token for Twitter app
Previously we wrote an article about getting access token for Facebook app--PHP to get access token for Facebook app. Today we will introduce how to get access token for Twitter app using PHP. Since now Twitter is also using OAuth 2.0 to allow some web apps to access some users information on behalf of one user. They provided some APIs for developers to easily get them integrated with their own websites. The first step to get all these done is how to get the access token, the access token seems ...
Twitter,OAuth,access token,PHP 2013-03-03 03:49:26
Create animated refresh button in Android
In Android, we can have drawings on a button, also we can put animated drawings on a button as well. Today we will show how to create an animated refresh button with an animated spinner on it. We need to create an animated drawing first. Here we name it as progress.xml and put it in the res/drawable folder: <?xml version="1.0" encoding="utf-8"?><animation-list xmlns:android="http://schemas.android.com/apk/res/android" android:id="@+id/spin_refresh" android:oneshot="fal...
Animation,Spinner,Refresh button,Android 2012-11-02 11:51:41
Accessing Reddit top posts using OAuth
Previously one can use the https://www.reddit.com/r/rprogramming/top.json API to access one subreddit's top posts. This API doesn't require any access token to fetch the data. However, this API may not work all the time. Reddit may block the API's request if it finds that you are using a script or some app which accesses the API now and then. For an app or script which needs to fetch the data routinely, what should we do? Reddit provides one method which can be used to fetch this kind of to...
A serious security vulnerability found in MySQL/MariaDB
Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to the access to the database. The issue is described below.When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...
RECENT
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- A journey to investigate a goroutine leakage case
- Understanding Slice Behavior in Go
- Breaking Barriers: How 3D Printing is Democratizing Product Development
- The Power of Efficiency: 10 Practical Energy-Saving Tips for Tech Startups
- more>>