<?php
$page_title = "Articles — OAuth";
$page_section = "articles";
$page_secondary = "";
$page_meta_description = "";
require('../../includes/_header.php');
?>
<div class="container">
<div>
<h2>Articles</h2>
<p>The OAuth community is dedicated to helping provide information on the proper use of the OAuth protocols through a series of articles on different topics.</p>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://fusionauth.io/learn/expert-advice/oauth/complete-list-oauth-grants" class="u-url">The Complete List of OAuth 2 Grants</a></h4>
<div class="meta">
<a href="https://twitter.com/ravgeetdhillon" class="u-author h-card">Ravgeet Dhillon</a> ・ <time class="dt-published" datetime="2022-04-12">Apr 12, 2022</time>
</div>
<div class="tags">
#oauth2
</div>
<p class="e-summary">A complete list of all the various grants that have been standardized by the IETF, including standard ones like the Authorization Code Grant, and more unusual ones like the SAML 2.0 Bearer Grant.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://www.ory.sh/run-oauth2-server-open-source-api-security/" class="u-url">Run Your Own Open Source OAuth2 and OpenID Connect Server!</a></h4>
<div class="meta">
<a href="http://github.com/aeneasr" class="u-author h-card">Aeneas Rekkas</a> ・ <time class="dt-published" datetime="2021-01-01">Jan 01, 2021</time>
</div>
<div class="tags">
#oauth2 #guide #server #oidc
</div>
<p class="e-summary">Set up a fully functional OAuth2 Server and OpenID Connect Provider using the open source <a href="https://github.com/ory/hydra">ORY Hydra</a> project in under 10 minutes.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://habr.com/ru/company/mailru/blog/456702/" class="u-url">Security of mobile OAuth 2.0</a></h4>
<div class="meta">
<a href="https://twitter.com/_nikitastupin" class="u-author h-card">Nikita Stupin</a> ・ <time class="dt-published" datetime="2019-06-19">June 19, 2019</time>
</div>
<div class="tags">
#mobile
</div>
<p class="e-summary">This article shares the concepts of mobile OAuth 2.0 attacks and security mechanisms used to prevent such issues.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple" class="u-url">What the Heck is Sign In with Apple?</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a> ・ <time class="dt-published" datetime="2019-06-04">June 4, 2019</time>
</div>
<div class="tags">
#apple #oidc
</div>
<p class="e-summary">Sign In with Apple is based on OAuth 2.0 and OpenID Connect, and provides a privacy-friendly way for users to sign in to websites and apps.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead" class="u-url">Is the OAuth 2.0 Implicit Flow Dead?</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a> ・ <time class="dt-published" datetime="2019-05-01">May 1, 2019</time>
</div>
<div class="tags">
#implicit
</div>
<p class="e-summary">What's changing with the OAuth Implicit Flow and why.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://developer.okta.com/blog/2019/02/19/add-oauth-device-flow-to-any-server" class="u-url">Add the OAuth 2.0 Device Flow to any OAuth Server</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a> ・ <time class="dt-published" datetime="2019-02-19">Feb 19, 2019</time>
</div>
<div class="tags">
#device
</div>
<p class="e-summary">If you want to use the OAuth Device Flow but your server doesn't support it natively, you still have other options!</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://developer.okta.com/blog/2019/01/22/oauth-api-keys-arent-safe-in-mobile-apps" class="u-url">Why OAuth API Keys and Secrets Aren't Safe in Mobile Apps</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a> ・ <time class="dt-published" datetime="2019-01-22">Jan 22, 2019</time>
</div>
<div class="tags">
#mobile #secret
</div>
<p class="e-summary">Here are several reasons it's not safe to use a client secret in mobile apps.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://medium.com/@torsten_lodderstedt/why-you-should-stop-using-the-oauth-implicit-grant-2436ced1c926" class="u-url">Why you should stop using the OAuth implicit grant!</a></h4>
<div class="meta">
<a href="https://twitter.com/tlodderstedt" class="u-author h-card">Torsten Lodderstedt</a> ・ <time class="dt-published" datetime="2018-11-09">Nov 9, 2018</time>
</div>
<div class="tags">
#implicit
</div>
<p class="e-summary"><i>No one should any longer use the implicit grant! That’s what IETF’s OAuth working group, the authority for official OAuth specifications, recommends in the upcoming OAuth 2.0 Security Best Current Practice RFC. The decision was met during the IETF meeting this week in Bangkok.</i></p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://developer.okta.com/blog/2018/07/16/oauth-2-command-line" class="u-url">OAuth 2.0 from the Command Line</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a> ・ <time class="dt-published" datetime="2018-07-16">July 16, 2018</time>
</div>
<div class="tags">
#command-line #cli
</div>
<p class="e-summary"><i><a href="https://developer.okta.com/blog/2018/07/16/oauth-2-command-line">OAuth 2.0 from the Command Line</a></i> describes a technique for building a command line OAuth client.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://developer.okta.com/blog/2018/06/29/what-is-the-oauth2-password-grant" class="u-url">What is the OAuth 2.0 Password Grant Type?</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a> ・ <time class="dt-published" datetime="2018-06-29">June 29, 2018</time>
</div>
<div class="tags">
#password #grant-types
</div>
<p class="e-summary"><i><a href="https://developer.okta.com/blog/2018/06/29/what-is-the-oauth2-password-grant">What is the OAuth 2.0 Password Grant Type?</a></i> describes the password grant and its most common use cases.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://developer.okta.com/blog/2018/05/24/what-is-the-oauth2-implicit-grant-type" class="u-url">What is the OAuth 2.0 Implicit Grant Type?</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a> ・ <time class="dt-published" datetime="2018-05-24">May 24, 2018</time>
</div>
<div class="tags">
#implicit #grant-types
</div>
<p class="e-summary"><i><a href="https://developer.okta.com/blog/2018/05/24/what-is-the-oauth2-implicit-grant-type">What is the OAuth 2.0 Implicit Grant Type?</a></i> describes the implicit flow and its most common use cases.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type" class="u-url">What is the OAuth 2.0 Authorization Code Grant Type?</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a> ・ <time class="dt-published" datetime="2018-04-10">April 10, 2018</time>
</div>
<div class="tags">
#authorization-code #grant-types
</div>
<p class="e-summary"><i><a href="https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type">What is the OAuth 2.0 Authorization Code Grant Type?</a></i> describes the authorization code flow and its most common use cases.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://aaronparecki.com/oauth-2-simplified/" class="u-url">OAuth 2 Simplified</a></h4>
<div class="meta">
<a href="https://aaronparecki.com" class="u-author h-card">Aaron Parecki</a>
</div>
<div class="tags">
#oauth #guide
</div>
<p class="e-summary"><i><a href="https://aaronparecki.com/oauth-2-simplified/">OAuth 2 Simplified</a></i> describes OAuth 2.0 in a simplified format to help developers and service providers implement the protocol. An expanded version of this article is also available <a href="https://oauth2simplified.com/">as a book</a>.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://alexbilbie.github.io/guide-to-oauth-2-grants/" class="u-url">A Guide to OAuth 2.0 Grants</a></h4>
<div class="meta">
<a href="https://alexbilbie.github.io" class="u-author h-card">Alex Bilbie</a>
</div>
<div class="tags">
#grant-types #guide
</div>
<p class="e-summary"><i><a href="https://alexbilbie.github.io/guide-to-oauth-2-grants/">A Guide to OAuth 2.0 Grants</a></i> describes each of the OAuth grants and use cases for each.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="/articles/authentication" class="u-url">End User Authentication with OAuth 2.0</a></h4>
<div class="meta">
<a href="https://twitter.com/justin__richer" class="u-author h-card">Justin Richer</a>
</div>
<div class="tags">
#authentication
</div>
<p class="e-summary">While OAuth is not an authentication protocol on its own, there are a number of high-profile authentication protocols built with OAuth 2.0. This article seeks to expose common pitfalls and demonstrate <a href="/articles/authentication">how to do end user authentication using OAuth 2.0</a> in a secure and reliable manner.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://www.loginradius.com/blog/engineering/what-is-the-difference-between-oauth1-and-oauth2/" class="u-url">What is the difference between OAuth1 and OAuth2?</a></h4>
<div class="meta">
<a href="https://www.loginradius.com/engineering/blog/author/ti-zhang/" class="u-author h-card">Ti Zhang</a>
</div>
<div class="tags">
#OAuth
</div>
<p class="e-summary">What are the major differences between OAuth 1.0 and OAuth 2.0, and what are the motivations for choosing each of them? This blog post describes the major differences between the two protocols.</p>
</div>
<div class="article card h-entry">
<h4 class="p-name"><a href="https://www.loginradius.com/blog/engineering/oauth2/" class="u-url">Getting Started with OAuth 2.0</a></h4>
<div class="meta">
<a href="https://github.com/indrasen715" class="u-author h-card">Indrasen Kumar</a>
</div>
<div class="tags">
#OAuth
</div>
<p class="e-summary">Using this blog post, one can easily understand the basic concepts of OAuth 2.0.</p>
</div>
</div>
</div>
<?php require('../../includes/_footer.php'); ?>