Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Using Google OAuth2 from Silverlight out-of-browser application

I'm planning to access Google's APIs and do authentication using OAuth2. Since I'm going to access them from a Silverlight out-of-browser application I was wanting to know how to keep it secure enough.

I understand that keeping all the details necessary to authenticate on the client is a bit risky. By this I mean the client_id, client_secret, etc. as they could easily be obtained by someone else. So I was wondering how people get round this? Would you use a web service to initally contact Google when authenticating? If so, how can I help keep that secure so only my Silverlight client can access it?

like image 318
Chris Shepherd Avatar asked May 14 '11 15:05

Chris Shepherd


1 Answers

OAuth client side authentication does not expose any secret information. If you look at OAuth 2.0 for client-side web applications you will see that only required information is public client_id.

like image 53
Denis Avatar answered Oct 13 '22 10:10

Denis