
A simple PHP LinkedIn OAuth 2.0 example

A small project developed for the course on Security of Service-Oriented Architectures, in which I show how the OAuth 2.0 protocol works with the LinkedIn social network.

Published in: Technology


  1. A simple PHP LinkedIn OAuth 2.0 example. Student: M. Reggiani (826163). Lecturer: E. Damiani. Academic year 2013/2014.
  2. Entities: OAuth 2.0 Authorization Server, Resource Server, User Agent (web browser), Application; Authorization Request.
  3. Register App (1)
  4. Register App (2)
  5. Register App (3)
  6. Sequence Diagram
  7. App's frontpage (1)
  8. App's frontpage (2)
  9. User Grants Access (1)
  10. User Grants Access (2)

      HTTP/1.1 302 Found
      Location: http://localhost/profile.php?state=dks3FdGb4&code=AQQHlgbnkBq64NrVpWLrisElxVn5m2F1pE74Zp0aMK0T9ZunrV198

  11. Access Token request

      POST /uas/oauth2/accessToken?grant_type=authorization_code&client_id=77q2gxr3kb8cxh&client_secret=zrkIf3DMynUNjg9u&code=AQQHlgbnkBq64NrVpWLrisElxVn5m2F1pE74Zp0aMK0T9ZunrV198&redirect_uri=http%3A%2F%2Flocalhost%2FSOASec%2Fprofile.php HTTP/1.1
      Host: www.linkedin.com

  12. Access Token response

      HTTP/1.1 200 OK
      Content-Type: application/json;charset=UTF-8

      { "access_token" : "2YotnFZFEjr1zCsidfrrs32scMWpAA", "expires_in":3600, }

  13. Resources request using Token

      GET /v1/people/~:(first-name,last-name,headline,positions,picture-url,skills,languages,educations,certifications)?format=json&oauth2_access_token=2YotnFZFEjr1zCsidfrrs32scMWpAA HTTP/1.1
      Host: api.linkedin.com

  14. Resources response
  15. Resources response (PI.php)
  16. Conclusion
      - Easy to code, to implement, to use
      - Flexible
      - Provides secure authorization for the end user
      - Supports scopes for granular member permissions
      - No password in API calls
      - 3rd parties don't have access to the password
      - Token:
        - can be revoked
        - can be time limited
        - can be refreshed
        - short-lived
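The exchange shown on slides 9 to 13 (redirect with `state` and `code`, back-channel token request, token response, resource request), as an added example that is not the slides' PHP project. It is written in Python rather than PHP and runs offline against a small in-memory mock of the LinkedIn authorization and token endpoints. The `client_id`, `client_secret` and `redirect_uri` values are the ones printed on slides 10 and 11; the authorization endpoint path, the `r_basicprofile` scope, and the mock server's behaviour (single-use codes bound to the redirect URI, client authentication on the token endpoint) are assumptions for the purpose of the demo. The client side adds the two checks a practitioner would want around this flow: the `state` in the callback must match the one stored in the user's session before the `code` is trusted, and the token is sent in the `Authorization` header instead of the `oauth2_access_token` query parameter of slide 13.

```python
"""Added example (not the slides' PHP project): OAuth 2.0 authorization-code
flow from slides 9-13, run end to end against an in-memory mock of LinkedIn."""
import hmac
import json
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

CLIENT_ID = "77q2gxr3kb8cxh"           # from slide 11
CLIENT_SECRET = "zrkIf3DMynUNjg9u"     # from slide 11 (a demo secret, not a real one)
REDIRECT_URI = "http://localhost/SOASec/profile.php"   # from slide 11
AUTHORIZE_URL = "https://www.linkedin.com/uas/oauth2/authorization"  # assumed path
TOKEN_URL = "https://www.linkedin.com/uas/oauth2/accessToken"        # slide 11
PROFILE_URL = "https://api.linkedin.com/v1/people/~:(first-name,last-name,headline)"


class StateMismatch(Exception):
    """The callback's state was not issued for this browser session."""


# ---------- client side: what the PHP app does ----------
def build_authorization_url(session, scope="r_basicprofile"):
    """Slide 9: send the user agent to the authorization server. The random
    state is stored in the session so the callback can be tied to this request."""
    session["oauth_state"] = secrets.token_urlsafe(16)
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": REDIRECT_URI, "state": session["oauth_state"],
              "scope": scope}
    return AUTHORIZE_URL + "?" + urlencode(params)


def handle_redirect(session, location):
    """Slide 10: profile.php receives the 302 target. Verify state (single use,
    constant-time compare) before trusting the code it carries."""
    query = parse_qs(urlparse(location).query)
    expected = session.pop("oauth_state", None)
    received = query.get("state", [""])[0]
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise StateMismatch("state missing or not issued for this session")
    if "error" in query:
        raise RuntimeError("authorization server returned " + query["error"][0])
    return query["code"][0]


def token_request(code):
    """Slide 11: form body of the back-channel POST to TOKEN_URL. This is the
    only place client_secret is used; it never passes through the browser."""
    return urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": REDIRECT_URI, "client_id": CLIENT_ID,
                      "client_secret": CLIENT_SECRET})


def parse_token_response(status, body):
    """Slide 12: accept only a 200 that actually carries an access_token."""
    if status != 200:
        raise RuntimeError("token endpoint returned %d: %s" % (status, body))
    data = json.loads(body)
    if "access_token" not in data:
        raise RuntimeError("no access_token in response")
    return {"access_token": data["access_token"],
            "expires_in": int(data.get("expires_in", 0))}


def resource_request(access_token):
    """Slide 13 passes the token as oauth2_access_token=... in the URL; sending
    it as a bearer header keeps it out of access logs and Referer headers."""
    return {"method": "GET", "url": PROFILE_URL + "?format=json",
            "headers": {"Authorization": "Bearer " + access_token}}


# ---------- mock LinkedIn: authorization server + token endpoint ----------
class MockLinkedIn:
    """Assumed behaviour: codes are single use and bound to the redirect_uri,
    and the token endpoint authenticates the client with id and secret."""

    def __init__(self):
        self.codes = {}      # code -> redirect_uri it was issued for
        self.tokens = set()  # tokens the resource server would accept

    def authorize(self, authorization_url, user_approves=True):
        q = parse_qs(urlparse(authorization_url).query)
        assert q["client_id"][0] == CLIENT_ID and q["response_type"][0] == "code"
        redirect, state = q["redirect_uri"][0], q["state"][0]
        if not user_approves:
            return redirect + "?" + urlencode({"error": "access_denied", "state": state})
        code = "AQQ" + secrets.token_urlsafe(24)
        self.codes[code] = redirect
        return redirect + "?" + urlencode({"state": state, "code": code})

    def access_token(self, form_body):
        p = {k: v[0] for k, v in parse_qs(form_body).items()}
        if p.get("client_id") != CLIENT_ID or p.get("client_secret") != CLIENT_SECRET:
            return 401, json.dumps({"error": "invalid_client"})
        if (p.get("grant_type") != "authorization_code"
                or self.codes.pop(p.get("code"), None) != p.get("redirect_uri")):
            return 400, json.dumps({"error": "invalid_grant"})
        token = secrets.token_urlsafe(20)
        self.tokens.add(token)
        return 200, json.dumps({"access_token": token, "expires_in": 3600})


def run_flow(server, session, tamper=None):
    """Whole flow; `tamper` lets a caller substitute a forged callback URL."""
    location = server.authorize(build_authorization_url(session))
    if tamper is not None:
        location = tamper(location)
    code = handle_redirect(session, location)
    status, body = server.access_token(token_request(code))
    token = parse_token_response(status, body)["access_token"]
    return resource_request(token)


if __name__ == "__main__":
    print(run_flow(MockLinkedIn(), {}))
```

The `tamper` hook exists so the state check can be exercised: a callback whose `state` was not issued for the current session raises `StateMismatch` before any token request is made, which is the login-CSRF case the `state` parameter exists for. The mock's single-use codes also show why a replayed `code` is refused with `invalid_grant`.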
