OAuth and oauth
1. Background of OAuth
With the development of the Internet, some Internet giants have accumulated massive numbers of users and amounts of data. For platform-level software vendors, user needs are diverse and ever-changing. A vendor that tries to meet all of these demands entirely through its own efforts will inevitably be exhausted. Opening data through interfaces to a large number of third-party developers has therefore become an inevitable trend. Through secondary development, third-party developers can meet the unique needs of small groups of users; they gain their own benefits and keep the data flowing, forming a benign ecosystem that achieves a win-win situation for users, platform vendors, and third-party developers. It is in this context that the OAuth protocol was born.
2. Introduction to OAuth Protocol
The OAuth protocol is designed to provide a secure and open standard for authorized access to user resources. Through the OAuth protocol, the platform provider prompts the user to authorize a third-party software vendor (ISV), which allows the ISV to use part of the platform vendor's data to provide services to users. Unlike earlier forms of authorization, the OAuth protocol lets a third party be authorized to access user information without ever touching the user's account name and password.
The user authorizes a third-party application through the platform provider. Once authorized, the third-party application can access the information the user has authorized through the platform provider's interface for a certain period of time, and use it to provide services to the user.
3. OAuth authorization process
The core idea of the protocol is to classify and isolate resources: the ISV guides the user to log on to the platform and complete authorization there. After authorization, the ISV can access the user's private data for a certain period of time. The user fully controls this process and can cancel the authorization.
How OAuth authorization is carried out:
1. A third-party developer must first apply to the platform for an Application ID (APPID) to register their app.
2. An OAuth authorization involves three roles:
   1. Common users
   2. Third-party applications (ISV)
   3. Platform vendors
3. The authorization process is as follows:
   1. The user first accesses the ISV application and initiates a request.
   2. After receiving the user's request, the ISV application requests a token from the platform vendor, sending the APPID it applied for.
   3. The platform returns the request token to the ISV application.
   4. The ISV application directs the user to the platform's authorization page, passing along its own APPID, the request token, and a callback address.
   5. The user logs on at the platform page and completes authorization. (This way, the user name and password are never exposed to the third party.)
   6. The platform returns the access token to the ISV application through the callback link provided by the ISV.
   7. The ISV application uses the access token to obtain the data the user has authorized, processes it, and returns the result to the user. The authorized data access is now complete.
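The seven steps above, modeled as a small in-memory simulation. This is an added example, not code from the original article: the `Platform` class and its method names are hypothetical, and the single-use request token and the default token lifetime are assumptions made for the model.

```python
import secrets, time

class Platform:
    """Constructed stand-in for the platform vendor (hypothetical API, toy model)."""
    def __init__(self, token_ttl=3600):
        self.apps = {}            # APPID -> app name, registered in advance
        self.users = {}           # user -> password; plaintext only because this is a model
        self.data = {}            # user -> private data
        self.request_tokens = {}  # request token -> APPID it was issued to
        self.access_tokens = {}   # access token -> (APPID, user, expiry time)
        self.token_ttl = token_ttl  # assumed lifetime, "a certain period of time"

    def register_app(self, name):            # prerequisite: apply for an APPID
        appid = secrets.token_hex(4)
        self.apps[appid] = name
        return appid

    def issue_request_token(self, appid):    # steps 2-3
        if appid not in self.apps:
            raise PermissionError("unknown APPID")
        token = secrets.token_urlsafe(16)
        self.request_tokens[token] = appid
        return token

    def authorize(self, appid, request_token, callback, user, password, now=None):
        # Steps 4-6: the login happens at the platform, so the ISV never sees the password.
        now = time.time() if now is None else now
        if self.users.get(user) != password:
            raise PermissionError("login failed")
        # Assumption: a request token is single-use and bound to the APPID it was issued to.
        if self.request_tokens.pop(request_token, None) != appid:
            raise PermissionError("request token not issued to this APPID")
        access = secrets.token_urlsafe(16)
        self.access_tokens[access] = (appid, user, now + self.token_ttl)
        return callback(access)              # step 6: delivered through the ISV's callback

    def get_data(self, access_token, now=None):   # step 7
        now = time.time() if now is None else now
        entry = self.access_tokens.get(access_token)
        if entry is None or now >= entry[2]:
            raise PermissionError("access token invalid, expired or revoked")
        return self.data[entry[1]]

    def revoke(self, user, appid):           # the user cancels the authorization
        self.access_tokens = {t: e for t, e in self.access_tokens.items()
                              if (e[0], e[1]) != (appid, user)}
```

In this model the ISV only ever holds its APPID, the request token and the access token; a replayed request token, an expired access token, or a revoked authorization each raise `PermissionError`.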