OpenID and OAuth2 are the most ubiquituous web protocols when it comes to authentication and authorization. They are somewhat complicated, and usually hard for newcomers to grok. Often explained, rarely understood, it turns out they are are based on a few primitives that are easy to implement.
In this presentation, rather than going through the nitty-gritty details and puzzling over inscrutable diagrams, we use code! First, we pick a common language, e.g. Python, Java or Javascript. Then we implement an authentication flow, without using an existing library. This will help you visualize the steps involved, and it'll give you a sense of what that oauth2 library you need to use actually does.
In this presentation, rather than going through the nitty-gritty details and puzzling over inscrutable diagrams, we use code! First, we pick a common language, e.g. Python, Java or Javascript. Then we implement an authentication flow, without using an existing library. This will help you visualize the steps involved, and it'll give you a sense of what that oauth2 library you need to use actually does.
Daniel Garnier-Moiroux
Spring @ Broadcom
Daniel Garnier is a software engineer in the Spring team at Broadcom, working on Spring Security, and more broadly in the identity space and SSO for applications. He is an adjunct professor at Mines Paris, where he teaches CS and software engineering classes.
He contributes to Spring Security and many open source projects, and has a keen interest in security, automation and developer productivity.
He contributes to Spring Security and many open source projects, and has a keen interest in security, automation and developer productivity.