How to implement an OAuth 2.0 Authorization Server?

I understood how to write running OAuth 2.0 code for the client side.

Using an existing Authorization Server, like Google, seems not too complicated.

Question is: How to implement my own Authorization Server?

Since many companies have their own User/Privilege system, LDAP-based (e.g. Active Directory), etc., they must have their own Authorization Server.

Is there a framework, libraries, etc. for that? Or do I have to write the code from scratch?

Frizz asked Jul 17 '14 08:07



1 Answer

The best reference is the OAuth 2.0 site. They list the available server libraries that you can use. Currently, the options are:

Java

  • Apache Oltu
  • Spring Security for OAuth
  • Apis Authorization Server (v2-31)
  • Restlet Framework (draft 30)
  • Apache CXF

PHP

  • PHP OAuth2 Server and Demo
  • PHP OAuth 2.0 Auth and Resource Server and Demo
  • PHP OAuth 2.0 (AS with SAML/BrowserID AuthN, with management REST API, see DEMO)

Python

  • Python OAuth 2.0 Provider (see Tutorial)
  • OAuthLib (a generic implementation of the OAuth request-signing logic) is available for Django and Flask web frameworks

Other

  • NodeJS OAuth 2.0 Provider
  • Ruby OAuth2 Server (draft 18)
  • .NET DotNetOpenAuth
  • Erlang Oauth2 Server framework

I would also highly recommend that you read all the documentation available on how the standard works before getting started. There are many parts to OAuth and it can get confusing. At least, that's how I feel.

Sid answered Oct 06 '22 23:10
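As an added example that is not part of the answer above or of any of the listed libraries: the core of the authorization-code grant written in plain Python, to show the checks an authorization server has to make (exact redirect URI match, constant-time client authentication, short-lived single-use codes bound to the client and redirect URI). The client registration, the in-memory store and the `clock` parameter are hypothetical; a real server would use one of the libraries listed in the answer.

```python
import hmac
import secrets
import time

# Constructed sample client registration (hypothetical, not a real deployment).
CLIENTS = {
    "web-app": {"secret": "s3cret", "redirect_uris": {"https://app.example/cb"}},
}
CODE_TTL = 60  # seconds; authorization codes are short-lived and single-use


class AuthorizationServer:
    def __init__(self, clock=time.time):
        self._clock = clock   # injectable clock so expiry can be tested
        self._codes = {}      # code -> {client_id, redirect_uri, user, scope, exp}
        self._tokens = {}     # access_token -> {client_id, user, scope, exp}

    def authorize(self, client_id, redirect_uri, user, scope):
        """Authorization endpoint, called after the user has logged in and
        consented. Returns the code the browser is redirected back with."""
        client = CLIENTS.get(client_id)
        # Exact match against a pre-registered redirect URI; no prefix matching.
        if client is None or redirect_uri not in client["redirect_uris"]:
            raise ValueError("invalid_request")
        code = secrets.token_urlsafe(32)
        self._codes[code] = {"client_id": client_id, "redirect_uri": redirect_uri,
                             "user": user, "scope": scope,
                             "exp": self._clock() + CODE_TTL}
        return code

    def token(self, client_id, client_secret, code, redirect_uri):
        """Token endpoint for grant_type=authorization_code."""
        client = CLIENTS.get(client_id)
        # Constant-time comparison so the secret cannot be guessed byte by byte.
        if client is None or not hmac.compare_digest(client["secret"], client_secret):
            raise ValueError("invalid_client")
        # pop(): the code is consumed on first use, even if the checks below fail.
        grant = self._codes.pop(code, None)
        if (grant is None or grant["exp"] < self._clock()
                or grant["client_id"] != client_id
                or grant["redirect_uri"] != redirect_uri):
            raise ValueError("invalid_grant")
        token = secrets.token_urlsafe(32)
        self._tokens[token] = {"client_id": client_id, "user": grant["user"],
                               "scope": grant["scope"], "exp": self._clock() + 3600}
        return {"access_token": token, "token_type": "Bearer", "expires_in": 3600,
                "scope": grant["scope"]}
```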