Your SlideShare is downloading. ×
0
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
OAuth2 and LinkedIn
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

OAuth2 and LinkedIn

5,261

Published on

A brief hackday presentation on using the LinkedIn Platform with OAuth2

A brief hackday presentation on using the LinkedIn Platform with OAuth2

Published in: Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
5,261
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
1
Comments
0
Likes
4
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Using Oauth2 with LinkedIn Kamyar Mohager LinkedIn Platform Team Developer Relations
  • 2. Why botherauthorizing? Developer Relations
  • 3. Not secure Developer Relations
  • 4. We need a way toconnect our LinkedIn identity securely to an application… Developer Relations
  • 5. OAuth 1.0a Developer Relations
  • 6. Secure, but…•  Relies on a calculated signature to ensure security between server and consumer•  Secure for end user but pain for developer to implement•  Difficult to debug 401 unauthorized when signature is bad (nonce, timestamp, etc)•  Not all OAuth libraries are created equal Developer Relations
  • 7. OAuth 1.0a SignatureSignature Base String POST&https%3A%2F%2Fapi.linkedin.com%2Fv1%2Fpeople%2F~%2Fshares&oauth_consumer_key%3Dmy1sh8ponem4%26oauth_nonce%3D511F013D-C950-46EF-B8FF-DE48AA6708D8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1355356360%26oauth_token%3D935e5a8b-4787-4792-a377-4b0e8bae5029%26oauth_version%3D1.0 Signature wUGmSixTSUTTKA92Ytxj6rMeAAM= HTTP Authentication Header OAuth oauth_nonce="511F013D-C950-46EF-B8FF-DE48AA6708D8"oauth_timestamp="1355356360" oauth_version="1.0"oauth_signature_method="HMAC-SHA1" oauth_consumer_key=”XXXXXXXXX"oauth_token="935e5a8b-4787-4792-a377-4b0e8bae5029"oauth_signature="wUGmSixTSUTTKA92Ytxj6rMeAAM%3D" URL https://api.linkedin.com/v1/people/~/shares Developer Relations
  • 8. OAuth 2.0•  Easier to code•  Relies on SSL instead of complicated signatures•  Still provides secure authorization for end user•  Supports scopes for granular member permissions Developer Relations
  • 9. LinkedIn + OAuth 2.0 How easy is it to authorize a LinkedIn user to my app?? Developer Relations
  • 10. Step 1REGISTER YOUR APP Developer Relations
  • 11. Go to https://www.linkedin.com/secure/developer to register your app Developer Relations
  • 12. Step 2GET AN AUTHORIZATION CODE Developer Relations
  • 13. Redirect user to login dialog Developer Relations
  • 14. User grants access Developer Relations
  • 15. The redirected URL Developer Relations
  • 16. Step 3UPGRADE AUTH CODE FOR AN ACCESSTOKEN Developer Relations
  • 17. It’s all about SSL Developer Relations
  • 18. You’re auth’dResponse Developer Relations
  • 19. So what’s the gist of all this? https://gist.github.com/4028833 Developer Relations
  • 20. Open Source Libraries•  https://github.com/intridea/oauth2 (ruby)•  https://github.com/litl/rauth (python)•  https://github.com/adoy/PHP-OAuth2 (php)•  http://www.springsource.org/spring- social (java) Developer Relations
  • 21. Questions?" Thanks! Developer Relations

×