Kevin Maschtaler
I write code | @tint
Développeur chez Yupeek
Initiation à
Serveur d'authentification centralisé
(mail + mot de passe)
Appli iOS
Pèse-parpaing
Service Web
Comptabilité
API REST
Logistique
+
Resource Owner
(user)
Client Application
Authentication
Server
Resource
Server
Access Token
Refresh Token
Authorization Code
CLIENT + SECRET ID
RESOURCE
Application
Serveurs
TOKEN
curl -X POST -d 'grant_type=client_credentials'
http://CLIENTID:SECRETID@localhost/token/
{
"access_token": "G6ZWqvnxZju7EDr0qVO8JlJkv4iKBv",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "read write"
}
curl -H 'AUTHORIZATION: Bearer G6ZWqvnxZju7EDr0qVO8JlJkv4iKBv'
http://localhost/locations/2990999/
{
"id": 2990999,
"name": "Nancy",
"slug": "nancy",
"location": "POINT (6.1849600000000002 48.6843900000000005)",
"population": 105334,
"country": {
"id": 3017382,
"name": "France",
"slug": "france",
"code": "FR",
"population": 64768389,
"continent": "EU",
"tld": "fr"
},
}
TOKEN
AUTHORIZATION CODE
RESOURCE
3. LOGIN & CONSENT
1. ASK
FOR LOGIN
2.REDIRECTION
4. REDIRECTION +
CLIENT + SECRET ID
https://accounts.google.com/o/oauth2/auth?response_type=code&redirect_uri=https://www.qwertee.com/auth/google/callback&client_id=CLIENT_ID&scope=openid+email
https://www.qwertee.com/auth/google/callback?code=WjZSJf1fI8qV0SD4jAEPly4Yls2mkD
curl -X POST -d 'grant_type=authorization_code
&code=WjZSJf1fI8qV0SD4jAEPly4Yls2mkD
&redirect_uri=https://www.qwertee.com/auth/google/callback'
https://CLIENTID:SECRETID@accounts.google.com/oauth2/token
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
"refresh_token":"1/xEoDL4iW3cxlI7yKM2C-259HOF2aQbI"
}
By Kevin Maschtaler
Brève initiation à Oauth 2.0