The Secrets of OAuth 2.0 Part 1/2 • Aaron Parecki & Eric Johnson • GOTO 2020
This interview was recorded for the GOTO Book Club. #GOTOcon #GOTOBookClub
http://gotopia.tech/bookclub
Aaron Parecki - Author of "OAuth 2.0 Simplified" @aaronpk
Eric Johnson - Senior Developer Advocate at AWS Serverless
PART 2: https://youtu.be/mb4JzsBBglg
DESCRIPTION
The OAuth 2.0 authorization framework has become the industry standard in providing secure access to web APIs. It allows users to grant external applications access to their data, such as profile data, photos, and email, without compromising security. OAuth 2.0 Simplified is a guide to building an OAuth 2.0 server. Through high-level overviews, step-by-step instructions, and real-world examples, you will learn how to take advantage of the OAuth 2.0 framework while building a secure API.
The interview is based on Aaron Parecki's new book "OAuth 2.0 Simplified": https://amzn.to/2A3IMOf
TIMECODES
00:00 Series intro
00:48 Episode intro
01:09 The history of OAuth
03:15 Differences between OAuth 1 & 2
09:28 Differences between AuthN & AuthZ
15:06 Who is the target audience for this book?
16:28 Do you recommend building your own OAuth server?
19:34 What's a grant type and how does it work?
23:30 Advantages of short access & long refresh token periods
26:47 What is PKCE grant type in OAuth & how to use it
31:14 Key takeaways from the book
33:13 Outro
Read the full transcription of the interview here:
https://gotopia.tech/bookclub/episodes/the-secrets-of-oauth-2
RECOMMENDED BOOKS
Aaron Parecki • OAuth 2.0 Simplified • https://amzn.to/2A3IMOf
Aaron Parecki • OAuth 2.0 Servers • https://amzn.to/3ecHEsz
Aaron Parecki • The Little Book of OAuth 2.0 RFCs • https://amzn.to/3i7qnlC
Erdal Ozkaya • Cybersecurity: The Beginner's Guide • https://amzn.to/2T6OIj3
Richer & Sanso • OAuth 2 in Action • https://amzn.to/3hXiAH6
Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0 • https://amzn.to/2U8iLY2
https://twitter.com/GOTOcon
https://www.linkedin.com/company/goto-
https://www.facebook.com/GOTOConferences
#OAuth #OAuth2 #OAuth1 #Security #AuthN #AuthZ #PKCE #OAuthServer #Programming #AaronParecki #EricJohnson #Serverless #ProgrammingLanguages #Privacy
SUPPORTER
This episode of the GOTO Book Club was made possible thanks to the support of GOTOpia.tech. Created for developers, by developers, the GOTO event series goes beyond annual conferences held in Chicago, Amsterdam and Copenhagen: you can also join online conferences, online masterclasses and meetups with top creators and leaders in tech year-round.
And if joining one of these top-rated events isn't enough to satisfy your hunger for the latest in tech, you can watch over a thousand high-quality talks on the GOTO YouTube channel — subscribe now for new videos released (almost) daily and join GOTO in person or online at any upcoming conferences using the promo code ‘bookclub’.
http://gotopia.tech
Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at http://gotopia.tech
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Видео The Secrets of OAuth 2.0 Part 1/2 • Aaron Parecki & Eric Johnson • GOTO 2020 канала GOTO Conferences
http://gotopia.tech/bookclub
Aaron Parecki - Author of "OAuth 2.0 Simplified" @aaronpk
Eric Johnson - Senior Developer Advocate at AWS Serverless
PART 2: https://youtu.be/mb4JzsBBglg
DESCRIPTION
The OAuth 2.0 authorization framework has become the industry standard in providing secure access to web APIs. It allows users to grant external applications access to their data, such as profile data, photos, and email, without compromising security. OAuth 2.0 Simplified is a guide to building an OAuth 2.0 server. Through high-level overviews, step-by-step instructions, and real-world examples, you will learn how to take advantage of the OAuth 2.0 framework while building a secure API.
The interview is based on Aaron Parecki's new book "OAuth 2.0 Simplified": https://amzn.to/2A3IMOf
TIMECODES
00:00 Series intro
00:48 Episode intro
01:09 The history of OAuth
03:15 Differences between OAuth 1 & 2
09:28 Differences between AuthN & AuthZ
15:06 Who is the target audience for this book?
16:28 Do you recommend building your own OAuth server?
19:34 What's a grant type and how does it work?
23:30 Advantages of short access & long refresh token periods
26:47 What is PKCE grant type in OAuth & how to use it
31:14 Key takeaways from the book
33:13 Outro
Read the full transcription of the interview here:
https://gotopia.tech/bookclub/episodes/the-secrets-of-oauth-2
RECOMMENDED BOOKS
Aaron Parecki • OAuth 2.0 Simplified • https://amzn.to/2A3IMOf
Aaron Parecki • OAuth 2.0 Servers • https://amzn.to/3ecHEsz
Aaron Parecki • The Little Book of OAuth 2.0 RFCs • https://amzn.to/3i7qnlC
Erdal Ozkaya • Cybersecurity: The Beginner's Guide • https://amzn.to/2T6OIj3
Richer & Sanso • OAuth 2 in Action • https://amzn.to/3hXiAH6
Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0 • https://amzn.to/2U8iLY2
https://twitter.com/GOTOcon
https://www.linkedin.com/company/goto-
https://www.facebook.com/GOTOConferences
#OAuth #OAuth2 #OAuth1 #Security #AuthN #AuthZ #PKCE #OAuthServer #Programming #AaronParecki #EricJohnson #Serverless #ProgrammingLanguages #Privacy
SUPPORTER
This episode of the GOTO Book Club was made possible thanks to the support of GOTOpia.tech. Created for developers, by developers, the GOTO event series goes beyond annual conferences held in Chicago, Amsterdam and Copenhagen: you can also join online conferences, online masterclasses and meetups with top creators and leaders in tech year-round.
And if joining one of these top-rated events isn't enough to satisfy your hunger for the latest in tech, you can watch over a thousand high-quality talks on the GOTO YouTube channel — subscribe now for new videos released (almost) daily and join GOTO in person or online at any upcoming conferences using the promo code ‘bookclub’.
http://gotopia.tech
Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at http://gotopia.tech
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Видео The Secrets of OAuth 2.0 Part 1/2 • Aaron Parecki & Eric Johnson • GOTO 2020 канала GOTO Conferences
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Grinding the Monolith • Michael Nygard • YOW! 2018
Java, Code Coverage: Scandals, Intrigues & Investigations • Evgeny Mandrikov • GOTO 2023
Platform Engineering as a (Community) Service • Nicki Watt • GOTO 2021
Infrastructure As Code • Martin Fowler • YOW! 2016
C4 Models as Code • Simon Brown • YOW! 2022
Simplifying Systems with Elixir • Sasa Juric • YOW! 2020
Simple Functional Effects with Tag Unions • Richard Feldman • YOW! 2022
Idioms for Building Fault-tolerant Applications with Elixir • José Valim • YOW! 2021
Architects Live in the First Derivative • Gregor Hohpe • YOW! 2019
Prioritizing Technical Debt as If Time & Money Matters • Adam Tornhill • GOTO 2022
eBPF: Fueling New Flame Graphs & more • Brendan Gregg • YOW! 2022
Microservices • Martin Fowler • YOW! 2016
Event Sourcing • Martin Fowler • YOW! 2016
Getting to Grips with Kubernetes RBAC • Liz Rice • GOTO 2019
The Power & Performance of Phoenix LiveView • Geoffrey Lessel • GOTO 2021
ING's Journey to Agile • Henk Kolk • GOTO 2015
Securing Danish Healthcare Using Cloud Native • Frederik Mogensen • GOTO 2021
Migrating to Kubernetes + Best Practices for Cloud Native • T. Vitale & L. Højgaard • GOTO 2021
#SteveWozniak H = S – F • What is your Formula for Happiness? • Link to Full Video in Description
Why Functional Programming Matters • John Hughes • YOW! 2017
Drinking a River of IoT Data with Akka.NET • Hannes Lowette • GOTO 2021