oauth2-studies

Estudos sobre o framework OAuth 2.0 seguindo o curso disponível em https://www.udemy.com/course/oauth-2-simplified/

Authorization Code Flow for Web Apps

Authorization Code Flow for Native Apps

Authorization Code Flow for Single-Page Apps

OpenID Connect

Para todos os fluxos acima, caso a applicação cliente necessite de um ID Token, basta incluir o escopo openid na lista de escopos na chamada do /authorize. Nesse caso estaríamos falando do Framework OpenID Connect. Ao realizar a chamada de troca do code pelo access_token, também virá um id_token. Ex.:

{
    "token_type": "Bearer",
    "access_token": "Rs75hayasyasdfa...",
    "expires_in": 3600,
    "id_token": "eyJraWQioiJiRmxzzL2..."
}

Referências

OAuth 2.0 Authorization Framework: https://datatracker.ietf.org/doc/html/rfc6749;
PKCE Extension: https://datatracker.ietf.org/doc/html/rfc7636;
OpenID Connect: https://openid.net/connect/;
JSON Web Token (JWT): https://datatracker.ietf.org/doc/html/rfc7519;
OAuth 2.0 Token Instrospection: https://datatracker.ietf.org/doc/html/rfc7662.

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
README.md		README.md
nativeFlow.puml		nativeFlow.puml
nativeFlow.svg		nativeFlow.svg
singlePageFlow.puml		singlePageFlow.puml
singlePageFlow.svg		singlePageFlow.svg
webFlow.puml		webFlow.puml
webFlow.svg		webFlow.svg

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

oauth2-studies

Authorization Code Flow for Web Apps

Authorization Code Flow for Native Apps

Authorization Code Flow for Single-Page Apps

OpenID Connect

Referências

About

Releases

Packages

rochards/oauth2-studies

Folders and files

Latest commit

History

Repository files navigation

oauth2-studies

Authorization Code Flow for Web Apps

Authorization Code Flow for Native Apps

Authorization Code Flow for Single-Page Apps

OpenID Connect

Referências

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages