OpenID and OAuth2 are the most ubiquituous web protocols when it comes to authentication and authorization. They are somewhat complicated, and usually hard for newcomers to grok. Often explained, rarely understood, it turns out they are are based on a few primitives that are easy to implement.
In this presentation, rather than going through the nitty-gritty details and puzzling over inscrutable diagrams, we use code! First, we pick a common language, e.g. Python, Java or Javascript. Then we implement an authentication flow, without using an existing library. This will help you visualize the steps involved, and it'll give you a sense of what that oauth2 library you need to use actually does.
In this presentation, rather than going through the nitty-gritty details and puzzling over inscrutable diagrams, we use code! First, we pick a common language, e.g. Python, Java or Javascript. Then we implement an authentication flow, without using an existing library. This will help you visualize the steps involved, and it'll give you a sense of what that oauth2 library you need to use actually does.
Daniel Garnier-Moiroux
VMware / Spring
Daniel Garnier is a software engineer at VMware, working in the identity space and on SSO for applications. He is an adjunct professor at Mines Paris, where he teaches CS and software engineering classes.
He contributes to Spring Security, and has a keen interest in automation and developer productivity.
He contributes to Spring Security, and has a keen interest in automation and developer productivity.