PHP third-party login OAuth2.0 Protocol Video Tutorial Resource introduction

"PHP third-party login-oauth2.0 Protocol video tutorial" mainly introduces the third-party login-related protocol-oauth2.0 protocol. This paper mainly introduces the usage scenarios and implementation principles of OAuth, and explains the precautions used in the OAUTH2.0 protocol, which is of practical value.

Course Play Address: http://www.php.cn/course/410.html

The teacher's lecture style:

The teacher lively image, witty witty, witty, touching. A vivid image of the metaphor, like the finishing touch, to the students to open the door of wisdom, a proper sense of humor, attracting students to smile, such as drinking a cup of glycol wine, to the aftertaste and nostalgia, the philosopher's motto, culture of the proverbs from time and again interspersed in the middle, give people to think and alert.

The difficulty with this video is that the OAuth authorization process is detailed:

What is OAuth authorization?

First, what is the OAuth protocol

OAuth (open authorization) is an open standard, the so-called OAuth (open Authorization, opening authorization), which provides a safe and simple standard for user resource authorization.

Allow third-party websites to access various information stored by the user at the service provider, subject to user authorization.

This authorization does not require the user to provide a user name and password to the third party website, but directly from the service provider's page directly login.

OAuth allows a user to provide an access tag (a professional called a token) to a third-party site, an Access tag (a professional called a token) corresponding to a particular third-party site, and the access mark (a professional called a token) to access a specific resource only for a specific period of time

That is to say: In other words, users in the third party Web or application, the third party in the case without knowing the user's account number and password after the user authorized to obtain the user in the service provider where the article, Weibo information and other information

First, OAuth authorization must go through three steps

First step: Get an unauthorized request token (token) to jump to the service provider's login page

Step two: Get user authorization request token (Request token) User Enter account password to login authorization

Step three: Redeem access tokens (access tokens) with authorized request tokens

The above three steps are required steps for OAuth authorization, and many companies may have different licensing methods, but the approximate steps are the same

The following is an example of how OAuth is authorized under Sina Weibo:

1. First you want to be a SINA developer click here to enter the developer site: http://open.weibo.com

Login to register an account to add the developer's personal information, you can directly use your Weibo account to sign in and then join the developer can be detailed steps here not to repeat

2. Create an app to create an app, directly click My app in the top navigation bar to create

* Suppose you create an app name plus "program Source Weibo"

* The app is created by default and enters the "development phase" to qualify for the license

* Click on my apps at this time and you'll see the information below