Talk about my understanding of OAuth.

Its own understanding is that OAuth is an authorization standard. Used to authorize third-party apps other than users, and third-party apps do not have access to any of the user's information during the authorization process, and third-party apps may be able to reach information within the scope of the user's authorization upon completion of the authorization. For example, there are many sites can be used QQ, Sina and other accounts to log in, QQ and Sina used is this licensing mode. First, the user to visit the third-party website page, click on the QQ number login, jump to QQ sign-in and authorization-related pages, in this process, the third party page can not get QQ number or password. After the QQ page login is successful, it will let the user select the scope of permission to grant. such as access to nicknames, Avatar and other permissions. When you are done, the server will add this token to the session of the third party page while jumping back to the third party page. When a third-party page obtains user information through a QQ server, the server determines the range of information available to third-party pages through token. This is my personal understanding of OAuth, if you have any different views welcome message discussion. ==============================================================below is a message from the Internet: OAuth is an open network standard for licensing (authorization) that is widely used worldwide and is currently available in version 2.0 .noun definitions

Before you explain OAuth 2.0 in detail, you need to know several specialized nouns. They are important to understand the explanations behind them, especially a few pictures.

(1) third-party application: Third-party applications, also referred to in this article as "client", which is "cloud stamping" in the example of the previous section.

(2)HTTPservice: HTTP provider, referred to as the "service provider" in this article, which is Google in the example of the previous section.

(3)ResourceOwner: Resource owner, also known as "user" in this article.

(4)User agent: Users agents, this article refers to the browser.

(5)AuthorizationServer: Authentication server, which is a service provider dedicated to handling authentication.

(6)ResourceServer: A resource server, which is where the service provider holds user-generated resources. It can be the same server as the authentication server, or it can be a different server.

Knowing these nouns, it is not difficult to understand that the role of OAuth is to let the "client" securely controllable access to the "user" authorization, and "service provider" interaction.

(A) After the user opens the client, the client asks the user to grant authorization.

(B) The user agrees to grant the client authorization.

(C) The client uses the authorization obtained in the previous step to request a token from the authentication server.

(D) After the authentication server authenticates the client, it confirms the error and agrees to issue the token.

(E) The client uses a token to request a resource from the resource server.

(F) The resource server confirms that the token is correct and agrees to open the resource to the client.

 

Talk about my understanding of OAuth.