
Getting Started with OAuth 2.0 Course


OAuth 2.0 is a solution for API security that brings authorization and delegation to modern HTTP APIs. In this course you will learn about OAuth 2.0, the fundamentals of OAuth, its strengths and weaknesses, securing native and mobile applications with OAuth, common extensions to the OAuth protocols such as OpenID Connect and the OAuth device flow, and more. All of this is taught without using any particular programming language or stack.

Topics:

  • Course introduction
  • API Security 101
  • The problem of API authorization
  • Cookies
  • OAuth 2.0
  • Protocol Endpoints
  • What is a scope?
  • Authorization code for web applications
  • Client credentials for machines
  • Choosing the right response mode
  • Native applications
  • Stolen tokens with PKCE
  • Choosing the best redirect URI
  • And more
Getting Started with OAuth 2.0
Publisher: Pluralsight
Author: Scott Brady
Duration: 1h 43m
Level: Intermediate

OAuth 2.0 is the go-to solution for API security, bringing authorization and delegation to modern HTTP APIs. In this course, you'll learn the fundamentals of OAuth, allowing you to architect and implement the right solution for your requirements.
OAuth 2.0 is the go-to solution for API security, bringing authorization and delegation to modern HTTP APIs. In this course, Getting Started with OAuth 2.0, you'll learn the fundamentals of OAuth and why it is preferred over past solutions. First, you'll explore each grant type and flow in detail, looking at their strengths and weaknesses, and when they should be used or not. Next, you'll take a close look at native applications such as mobile apps, and their unique security issues when using OAuth. Finally, you'll learn some common extensions to the OAuth protocols, such as OpenID Connect and the upcoming OAuth device flow. All of this will be covered without using any particular programming language or stack. When you're finished with this course, you will know how to integrate with any OAuth 2 authorization server and architect the right solution for you.

Course Overview

  • Course Overview (1m)

API Security 101

  • Introduction (1m)
  • A Problem of API Authorization (2m)
  • A Solution: Credential Sharing (3m)
  • A Solution: Cookies (1m)
  • A Solution: API Keys (2m)
  • The Solution: OAuth 2.0 (5m)
  • Demo: A Very Typical OAuth Flow (1m)
  • OAuth: A Misunderstood Protocol (4m)
  • Summary (0m)

OAuth in Detail

  • Introduction (1m)
  • Protocol Endpoints (1m)
  • What Is a Scope? (1m)
  • Authorization Code for Web Applications (7m)
  • Demo: Authorization Code for Web Applications (2m)
  • Implicit Flow for Single Page Applications (5m)
  • Demo: Implicit Flow for Single Page Applications (1m)
  • Client Credentials for Machines (2m)
  • Demo: Client Credentials for Machines (0m)
  • Resource Owner Password Credentials for No One (2m)
  • Demo: Resource Owner Password Credentials for No One (0m)
  • Long-lived Access with Refresh Tokens (5m)
  • Demo: Long-lived Access with Refresh Tokens (1m)
  • Choosing the Right Response Mode (1m)
  • When Things Go Wrong (1m)
  • Summary (1m)

Best Practices for Native Applications

  • Introduction (0m)
  • The Unique Issues of Native Applications (3m)
  • Dealing with Stolen Tokens Using PKCE (2m)
  • Choosing the Best Redirect URI (2m)
  • Not All Browsers Are Created Equally (3m)
  • Demo: OAuth for Native Applications in Action (1m)
  • Summary (1m)

Extending OAuth

  • Introduction (0m)
  • OAuth + Identity with OpenID Connect (8m)
  • Demo: Identity with OpenID Connect (1m)
  • Automatically Configuring Clients with OAuth Metadata (1m)
  • Securely Authorizing the IoT with the OAuth Device Flow (6m)
  • Demo: Device Flow in Action (1m)
  • Combining SAML and OAuth with the SAML Assertion Grant (2m)
  • Summary (1m)
