Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- REFRESH TOKEN

  4 ways to obtain access token in OAuth 2.0

OAuth 2.0 is an authorization mechanism, it's ,mainly used for issuing access token. There are 4 ways to obtain access token as per RFC 6749. Authorization code Implicit Password Client credentials The third party application must obtain a client id and client secret from the target service before obtaining access token no matter which method to use. This is to prevent token to be used maliciously. Authorization code With this method, the third party application must first get an authorization...

   OAUTH2,ACCESS TOKEN,REFRESH TOKEN     2019-06-29 07:12:03

  Remote form submission

Remote form submission is way of submitting HTML forms from local to a particular remote server. This is used by many advertisers, spammers or even hackers to submit bad data to other websites in order to get what they want. They can write some automation scripts to help them do spamming. How can people do remote form submission and how to prevent this kind of attacks? Since a website can be accessed by almost every one, so one can save a local copy of a HTML form of a website through File->S...

   PHP,Security,Remote form submission     2013-07-14 01:04:49

  PHP to get access token for Facebook app

Since Facebook is now using OAuth 2.0 to authenticate apps to access user information. the SDK of Facebook has provided developers some useful functions to get authentication done. For example, in PHP SDK, there are getAccessToken(), getLoginUrl() etc. But unfortunately, for me I cannot use getAccessToken() method to get the user access token, it only returns me the app access token. Finally I gave up this approach to get access token for the time being. I may later retry this approach if I have...

   Faceook,PHP,Access token,signed request     2012-03-27 12:37:46

  PHP to get access token for Sina Weibo app

Previously I wrote two articles about getting access token for Facebook and Twitter apps using PHP. Today I will write one more article about getting access token for Sina Weibo app using PHP. OAuth 2.0 is now the authorization mechanism of Sina Weibo API. The API authorization process is similar to the process of Twitter. It has basically two steps: 1. Authorization; 2. Get access token. 1. Create an app. I hope you know how to create an app in Sina Weibo now. If not. You can access this page ...

   PHP,access token,Sina Weibo     2013-05-16 12:07:39

  PHP to integrate with Sign in with Google

Google has a huge user base and hence it provides an authentication service for third party service to integrate with them so that people can sign in with Google in their services. Google also adopts OAuth 2 to provide this kind of Open ID connect service. This post will introduce how to integrate with sign in with Google functionality in your PHP website.  Create a client app on Google The first step you should follow is to create a Google app, you can follow the post here to create the p...

   PHP,GOOGLE API,OPEN API,SIGN IN WITH GOOGLE     2019-03-03 02:00:09

  Introduction to OAuth (in Plain English)

Last week we talked about giving away your passwords and how you should never do it.  When a website wants to use the services of another—such as Bitly posting to your Twitter stream—instead of asking you to share your password, they should use OAuth instead. OAuth is an authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password. This is a quick guide to illustrate, as simply as possibl...

   Security,OAuth,Permission,Partial access     2012-04-05 11:39:54

  PHP to get access token for Twitter app

Previously we wrote an article about getting access token for Facebook app--PHP to get access token for Facebook app. Today we will introduce how to get access token for Twitter app using PHP. Since now Twitter is also using OAuth 2.0 to allow some web apps to access some users information on behalf of one user. They provided some APIs for developers to easily get them integrated with their own websites. The first step to get all these done is how to get the access token, the access token seems ...

   Twitter,OAuth,access token,PHP     2013-03-03 03:49:26

  Create animated refresh button in Android

In Android, we can have drawings on a button, also we can put animated drawings on a button as well. Today we will show how to create an animated refresh button with an animated spinner on it. We need to create an animated drawing first. Here we name it as progress.xml and put it in the res/drawable folder: <?xml version="1.0" encoding="utf-8"?><animation-list xmlns:android="http://schemas.android.com/apk/res/android"    android:id="@+id/spin_refresh" android:oneshot="fal...

   Animation,Spinner,Refresh button,Android     2012-11-02 11:51:41

  Accessing Reddit top posts using OAuth

Previously one can use the https://www.reddit.com/r/rprogramming/top.json API to access one subreddit's top posts. This API doesn't require any access token to fetch the data. However, this API may not work all the time. Reddit may block the API's request if it finds that you are using a script or some app which accesses the API now and then. For an app or script which needs to fetch the data routinely, what should we do? Reddit provides one method which can be used to fetch this kind of to...

   REDDIT,OAUTH,TOP POSTS,HOT POSTS     2023-12-16 07:24:14

  A serious security vulnerability found in MySQL/MariaDB

Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to the access to the database. The issue is described below.When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...

   MySQL,MariaDB,bug,fix,password,memcmp()     2012-06-11 10:28:09

RECENT