oauth2-studies

Estudos sobre o framework OAuth 2.0 seguindo o curso disponível em https://www.udemy.com/course/oauth-2-simplified/

Authorization Code Flow for Web Apps

Authorization Code Flow for Native Apps

Authorization Code Flow for Single-Page Apps

OpenID Connect

Para todos os fluxos acima, caso a applicação cliente necessite de um ID Token, basta incluir o escopo openid na lista de escopos na chamada do /authorize. Nesse caso estaríamos falando do Framework OpenID Connect. Ao realizar a chamada de troca do code pelo access_token, também virá um id_token. Ex.:

{
    "token_type": "Bearer",
    "access_token": "Rs75hayasyasdfa...",
    "expires_in": 3600,
    "id_token": "eyJraWQioiJiRmxzzL2..."
}

Referências

OAuth 2.0 Authorization Framework: https://datatracker.ietf.org/doc/html/rfc6749;
PKCE Extension: https://datatracker.ietf.org/doc/html/rfc7636;
OpenID Connect: https://openid.net/connect/;
JSON Web Token (JWT): https://datatracker.ietf.org/doc/html/rfc7519;
OAuth 2.0 Token Instrospection: https://datatracker.ietf.org/doc/html/rfc7662.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

oauth2-studies

Authorization Code Flow for Web Apps

Authorization Code Flow for Native Apps

Authorization Code Flow for Single-Page Apps

OpenID Connect

Referências

Files

README.md

Latest commit

History

README.md

File metadata and controls

oauth2-studies

Authorization Code Flow for Web Apps

Authorization Code Flow for Native Apps

Authorization Code Flow for Single-Page Apps

OpenID Connect

Referências