OAuth 2.0
What is OAuth
OAuth is an abbreviation for open authorization, which provides a secure, open, and easy standard for the authorization of user resources. allow third-party websites to access users to store information in the service provider, subject to user authorization. This authorization does not require the user to provide a user name and password to the third party website. provide a token to a third-party web site, a token corresponding to a specific third-party site, and the token can only access specific resources for a specific period of time. It is important to note that OAuth 2.0, although the next version of OAuth 1.0, is not backwards compatible with OAuth 1.0.
Basic process of OAuth 2.0 authorization
OAuth process (QQ for example):
The first step: Users choose a third-party account login.
The second step: Users enter the third-party account password, click Authorize login.
Step three: Authorization succeeds, return temporary code,code each request is different.
Fourth step: Obtain the authentication token by code Access_token,token has certain timeliness.
Fifth step: Get the user's open_id through Access_token.
Sixth step: Obtain the user authorization information through the open_id.
PS: Eye over times than hand over again
Third-party authorization based on OAuth 2.0