Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can anybody explain OAuth?

Tags:

rest

c#

android

security

oauth

I've read a bit about it at http://oauth.net/ , it's "a simple way to publish and interact with protected data" apparently.

I think it's exactly what I need to provide a secure way of accessing data from an android/iphone app via a REST web service, but I can't work out exactly what it is.

So, put simply, what exactly does it do and are there any (really) simple examples of it in action I can follow, preferably implementing something in c# that can be accessed from a smartphone app?

like image 583
jonhobbs Avatar asked Aug 18 '10 16:08

jonhobbs

People also ask

How do you explain OAuth?

OAuth is an open-standard authorization protocol or framework that provides applications the ability for “secure designated access.” For example, you can tell Facebook that it's OK for ESPN.com to access your profile or post updates to your timeline without having to give ESPN your Facebook password.

Is OAuth difficult?

It's not simple. It gets a little simpler with bearer tokens in OAuth 2.0 but because of the security requirements and the fact that you have to exchange identity without a password, it's always going to be a little complex.

What is OAuth for beginners?

The (OAuth) client: The application that requests access to protected resources on behalf of the resource owner. It uses the access token to prove authorization. The authorization server: The entity that authenticates the resource owner, obtains authorization, and issues access tokens to the client.

Is OAuth confidential client?

OAuth defines two types of clients: confidential clients and public clients. Confidential clients are applications that are able to securely authenticate with the authorization server, for example being able to keep their registered client secret safe.

1 Answers

From the link provided by Craig Stuntz:

Open ID gives you one login for multiple sites. Each time you need to log into Zooomr – a site using Open ID – you will be redirected to your Open ID site where you login, and then back to Zooomr. OAuth lets you authorise one website – the consumer – to access your data from another website – the provider. For instance, you want to authorise a printing provider – call it Moo – to grab your photos from a photo repository – call it Flickr. Moo will redirect you to Flickr which will ask you, for instance, “Moo wants to download your Flickr photos. Is that cool?”, and then back to Moo to print your photos.

DotNetOpenAuth is a good C# library for Open ID and OAuth.

like image 68
Ither Avatar answered Sep 18 '22 00:09

Ither
Sign in to Comment

Related questions

InvalidOperationException when calling SaveChanges in .NET Entity framework
How to convert double to string without the power to 10 representation (E-05)
Can we add variables and properties in interfaces in C#.NET?
Interesting use of the C# yield keyword in Nerd Dinner tutorial
Creating objects from an interface in C#
Check if a DLL is present in the system
2D game programming tutorials in C#
When must we use checked operator in C#?
SyndicationItem.Content is Null
Developing a GPS car tracking system
Algorithm for Source Control System?
Sort and Group in LINQ
Simple linq question: using linq to get an array of properties
C# Drawstring Letter Spacing
Can you assign a TypeConverter without a TypeConverterAttribute?
With 2 web servers, will a singleton class have 2 instances?
C#: most readable string concatenation. best practice [duplicate]
add generic Action<T> delegates to a list
Thread Renaming
Sending an exception from thread to main thread?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!