Security Access with OAuth2.0
-
Upload
fernando-lopez-aguilar -
Category
Engineering
-
view
319 -
download
4
description
Transcript of Security Access with OAuth2.0
Open APIs for Open Minds
Securing Access with Oauth2
Fernando López Aguilar, TID([email protected], @flopezaguilar)
Javier Cerviño, Álvaro Alonso (UPM)([email protected], [email protected])
Identity Manager
2
Identity Manager
3
Account
FI-WARE Account (Identity Manager) Demo
4
OAuth 2.0
5
OAuth Message Flow
6
Web App Account
redirect
request access-token
access-token
access-code
OA
uth
Lib
rary
Request user info using access-token
OAuth Libraries
http://oauth.net/2/
• PHP, Cocoa, iOS, Java, Ruby, Javascript, Python.
Example using Node.js
• https://github.com/ging/oauth2-example-client
7
OAuth Demo
8
Web Applications and GEs
9
Generic Enabler
Account
Request
+acc
ess
-toke
n
redirect
access-code
request access-token
access-token
access-token + path
OK + user info
Web AppO
Auth
Lib
rary
Web Applications and GEs
GET https://GE_URL HTTP/1.1
Host: GE_hostname
X-Auth-Token: access_token
10
AA for free!
11
Back-end Apps
Account
Request
+acc
ess
-toke
n
Web App
Oauth
Lib
rary
Proxy
redirect
access-code
request access-token
access-token
access-token + path
OK + user info
Links
Slides:
• http://tinyurl.com/ws2-fiware
FI-LAB Account:
• Source Code: https://github.com/ging/fi-ware-idm
• Documentation: https://github.com/ging/fi-ware-idm/wiki
FI-LAB OAuth Demo:
• https://github.com/ging/oauth2-example-client
FI-LAB Proxy:
• https://github.com/ging/fi-ware-pep-proxy
12
http://fi-ppp.eu
http://fi-ware.eu
Follow @Fiware on Twitter !
Thanks !
13