OAuth 2.0: personal opinions

Source: Internet
Author: User
Tags oauth

Before getting into the article, let's start with a small example.

To keep the opening short, here is the gist in two sentences: Wang Wu wants to know Zhang San's information, and Li Si holds Zhang San's information. Wang Wu asks, and after receiving Zhang San's consent, Li Si tells Wang Wu about Zhang San.

At this point, Wang Wu has successfully obtained Zhang San's information.

The details and prerequisites of the example are as follows:

There are three people: Zhang San, Li Si, and Wang Wu. Zhang San and Li Si are very close. Zhang San tells Li Si a lot of private information, including his bank card number and password. Li Si is a true friend: he has promised that, without Zhang San's consent, he will not tell any third party, even on pain of death. The key point, stated for emphasis: without Zhang San's consent.

Zhang San also gets on well with Wang Wu. However, when Wang Wu wants to know his private information, Zhang San does not tell him directly. He only says, "Ask Li Si, he knows it too. If you really want to know, you just need to say something to me." (Don't be nervous, that's all there is to it.) Li Si and Wang Wu are also on good terms, and Li Si trusts Wang Wu.

One day, Wang Wu asks Li Si about Zhang San, but Li Si replies, "I promised Zhang San that I wouldn't say anything without his consent." Another day, Zhang San wants Wang Wu to know his information. This time Wang Wu says to Li Si, "You can tell me. If you don't believe me, ask Zhang San." After Li Si receives Zhang San's consent, he shares Zhang San's information with Wang Wu. === End of the example.

The simple example above illustrates the general idea of OAuth. The key points:

1: Zhang San did not tell Wang Wu his information directly.

2: Wang Wu can learn Zhang San's information.

3: Li Si trusts Wang Wu.

4: Li Si can share Zhang San's information with Wang Wu. The most important precondition: Li Si must get Zhang San's consent!

An example in development:

Take a service number on the public platform. Many operations under this service number can be built on user information, such as login. Mapping the roles from the example above: Zhang San corresponds to the user. Li Si corresponds. Wang Wu corresponds to the system under the service number.

A simple "log on with a user ID" proceeds as follows (the system under the service number is called the microsystem here):

1. The user needs to log on to the system under the service number, but does not enter an account or password for the microsystem. Instead, the microsystem builds a link in a specified format.

2. The user clicks this link, which sends a request to the server. This authorizes the microsystem to use the user's information.

3. The server sends a code value to the microsystem. The microsystem then sends a request to the server with the code value to obtain the user ID and a token. As long as the token is valid, the microsystem can use the user ID to obtain the user's information from the server.

Glossary:

Code value: called code in public platform development.

Token: called accesstoken in public platform development.

User ID: called openid in public platform development.

The above is the OAuth authentication process.
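The three steps above, with both sides of the exchange simulated in memory. This is an added example, not code from the original article or from any platform SDK. The class names, the `platform.example` and `micro.example` URLs, and the lifetimes are hypothetical; the `state` parameter, the client secret, and the registered redirect URI are standard OAuth 2.0 elements that the article does not mention.

```python
import secrets, time
from urllib.parse import urlencode, urlparse, parse_qs

class PlatformServer:  # toy stand-in for the platform server (Li Si); hypothetical names
    def __init__(self, clients, users):
        self.clients, self.users, self.codes, self.tokens = clients, users, {}, {}

    def authorize(self, openid, client_id, redirect_uri, state):  # step 2: user consented
        if self.clients[client_id][1] != redirect_uri:
            raise PermissionError("redirect_uri not registered")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, openid, time.time() + 300)  # short-lived code
        return redirect_uri + "?" + urlencode({"code": code, "state": state})

    def exchange(self, code, client_id, secret):  # step 3: back-channel call
        cid, openid, exp = self.codes.pop(code, (None, None, 0))  # pop: single use
        if (cid != client_id or time.time() > exp
                or not secrets.compare_digest(self.clients[client_id][0], secret)):
            raise PermissionError("invalid code or client credentials")
        token = secrets.token_urlsafe(24)
        self.tokens[token] = (openid, time.time() + 7200)
        return {"access_token": token, "openid": openid}

    def userinfo(self, token, openid):
        owner, exp = self.tokens.get(token, (None, 0))
        if owner != openid or time.time() > exp:
            raise PermissionError("invalid or expired token")
        return self.users[openid]

class Microsystem:  # the third-party system (Wang Wu); it never sees the user's password
    def __init__(self, server, client_id, secret, redirect_uri):
        self.server, self.cid, self.secret, self.cb = server, client_id, secret, redirect_uri
        self.pending = set()  # state values waiting for a callback

    def login_link(self):
        # Step 1: build the link; state ties the later callback to this request.
        state = secrets.token_urlsafe(8)
        self.pending.add(state)
        params = {"client_id": self.cid, "redirect_uri": self.cb, "state": state}
        return "https://platform.example/authorize?" + urlencode(params)

    def callback(self, url):
        q = parse_qs(urlparse(url).query)
        if q["state"][0] not in self.pending:
            raise PermissionError("unknown or replayed state")
        self.pending.discard(q["state"][0])
        grant = self.server.exchange(q["code"][0], self.cid, self.secret)
        return self.server.userinfo(grant["access_token"], grant["openid"])
```

The code value crosses the user's browser, so it is short-lived and single-use; the token only ever travels between the microsystem and the server.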

Features:

(1). Simple: OAuth is easy for both service providers and application developers to understand and use;

(2). Security: the user's secrets, such as keys, are not involved, which makes it safer and more flexible. Security depends on the specific implementation. The focus is on how much information can be shared with the third-party system even after the user has authorized it on the primary service platform.

(3). Openness: any service provider can implement OAuth, and any software developer can use OAuth;


Finally, here is the official OAuth website. I believe that, after this rough overview, reading what the official site says will deepen your understanding.

http://oauth.net/2/

That's all.

If anything here is wrong, corrections are welcome.

Xiao

2014.09.26










