#33: OAuth 2.0

16 Feb 2021 | Podcast | programming | oauth | IT

OAuth 2.0 is a standardized authorization protocol. In this episode, I’ll explain just one use case of it: the authorization code flow. It allows a server-side application to act on behalf of a user of another service. For example, a third-party application can post on Twitter from your account. Historically, to do this, the application had to store your Twitter credentials. Not only did you have to reveal your Twitter password, but the application also had to store it in plain text. Such an approach has multiple flaws. First of all, if the application is not entirely honest, it can now do anything on your behalf, including changing your password and stealing your online account. But even if you trust the third-party application, it can still be hacked. Your password, together with thousands or millions of others, is then compromised.

Read more: https://256.nurkiewicz.com/33

Get the new episode straight to your mailbox: https://256.nurkiewicz.com/newsletter

Around IT In 256 Seconds
