• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Oauth
 

Oauth

on

  • 6,737 views

OAuth protocol - keeping your password to yourself in sharing of resources between sites.

OAuth protocol - keeping your password to yourself in sharing of resources between sites.

Statistics

Views

Total Views
6,737
Views on SlideShare
6,537
Embed Views
200

Actions

Likes
3
Downloads
57
Comments
0

3 Embeds 200

http://blog.elisehuard.be 196
http://www.slideshare.net 3
http://www.elisehuard.be 1

Accessibility

Categories

Upload Details

Uploaded via as OpenOffice

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

Oauth Oauth Presentation Transcript

  • OAuth: Mash-ups and Privacy
      • Elise Huard @BarcampGhent
      • 29/03/2007
      • [email_address]
  • Facebook contacts
  • Twitter contacts
  • LinkedIn contacts
  • So ...
    • To share our list of contacts
      • We ALSO give authorization to:
    • Browse our mail
    • Send mail in our name
    • Delete mail ...
    • Oauth is an answer to this.
  • OAuth
    • Consumer site asks the service provider to give read-only access to chosen resources.
  • Summary
    • Introduction
    • Brief History
    • How does it work
    • Implementation
    • Resources
    • Conclusion
  • History
    • Blaine Cook (Twitter openId) & Chris Messina (open source advocate – Barcamp :-))
    • OAuth Core 1.0 final draft: October 2007
  • Summary
    • Introduction
    • Brief History
    • How does it work
    • Implementation
    • Resources
    • Conclusion
  • How does it work ?
    • Example:
      • Service provider:
      • Resources : bookmarks
      • Consumer : my app gathering bookmarks from different services
  • Register consumer app
    • Receive
                    • Customer secret
                    • Customer key
  • User decides to access resource
    • Dialog between Mag.nolia & consumer => gets Request Token (signed)
      • http://ma.gnolia.com/oauth/get_request_token
    • User is directed to service provider (with request token) – logs in (signed)
      • http://ma.gnolia.com/oauth/authorize
    • Authorized: back to consumer site
  • ...
    • Dialog to exchange request token for access token
      • http://ma.gnolia.com/oauth/get_access_token
    • Any subsequent request with access token (signed)
    • Consumer app can use resource.
        • Limited access – limited time !
  • Summary
    • Introduction
    • Brief History
    • How does it work
    • Implementation
    • Resources
    • Conclusion
  • Getting implemented
        • Hopefully
  • Industry protocols
    • Google AuthSub
    • AOL OpenAuth
    • Yahoo BBAuth
    • Upcoming API
    • Flickr API
    • Amazon Web Services API
    • ...
  • Summary
    • Introduction
    • Brief History
    • How does it work
    • Implementation
    • Resources
    • Conclusion
  • Resources
    • Current standard : OAuth Core 1.0
    • http://oauth.net/
    • http://groups.google.com/group/oauth
    • Other Data Portability standards
    • http://microformats.org/
    • http://openid.net/
    • http://www.hueniverse.com/hueniverse/
  • Summary
    • Introduction
    • Brief History
    • How does it work
    • Implementation
    • Resources
    • Conclusion
  • Conclusion
    • For Data portability:
    • STANDARDS = GOOD
    • Ask for OAuth.