FI-WARE Account and OAuth solution

Securing Access with Oauth2

Javier CerviñoÁlvaro Alonso

Identity Manager

Account

FI-WARE Account (Identity Manager) Demo

OAuth 2.0

OAuth Message Flow

Web App Account

redirect

request access-token

access-token

access-code

Request user info using access-token

OAuth Libraries

http://oauth.net/2/

• PHP, Cocoa, iOS, Java, Ruby, Javascript, Python.

Example using Node.js

• https://github.com/ging/oauth2-example-client

OAuth Demo

Web Applications and GEs

Generic Enabler

Account

Request

redirect

access-code

access-token

access-token + path

OK + user info

Web AppO

Web Applications and GEs

GET https://GE_URL HTTP/1.1

Host: GE_hostname

X-Auth-Token: access_token

AA for free!

Back-end Apps

Account

Request

Web App

redirect

access-code

access-token

access-token + path

OK + user info

Slides:

• http://tinyurl.com/ws2-fiware

FI-LAB Account:

• Source Code: https://github.com/ging/fi-ware-idm

• Documentation: https://github.com/ging/fi-ware-idm/wiki

FI-LAB OAuth Demo:

• https://github.com/ging/oauth2-example-client

FI-LAB Proxy:

• https://github.com/ging/fi-ware-pep-proxy

http://fi-ppp.eu

http://fi-ware.eu

Follow @Fiware on Twitter !

Thanks !

FI-WARE Account and OAuth solution

Technology

Transcript of FI-WARE Account and OAuth solution

Painless OAuth

H. Tschofenig OAuth 2.0 Security: OAuth Open Redirector · OAuth 2.0 Security: OAuth Open Redirector draft-bradley-oauth-open-redirector-02.txt Abstract This document gives additional

「金融API向けOAuth」にみるOAuthプロファイリングの実際 #secjaws #finsecjaws01 #oauth #oidc #api

The Essential OAuth Primer: Understanding OAuth …docs.media.bitpipe.com/.../item_426600/The-Essentials-of-OAuth.pdfThe Essential OAuth Primer: Understanding OAuth for Securing Cloud

Oracle Access Management OAuth Service€¦ · OAuth 2.0 authorization server and also offers several compelling differentiations to enable the OAuth 2.0 Client and the OAuth 2.0

Identity Workshopinnovbfa.viabloga.com/files//Cloud_Identity_Summit... · OAuth 2.0 OAuth 1 + OAuth-WRAP + IETF = OAuth 2.0 Expanded participation with other major vendors such as

OAuth for TeraGrid Gateways - …security.ncsa.illinois.edu/teragrid-oauth/OAuthforTGGateways...OAuth for TeraGrid Gateways Jim Basney Jeff Gaynor

How (Not) to Use OAuth - Daniel Fett...Authorization OAuth Authorization Server & Resource Server User Client Photo Editor Google Photos account authorizes to access Authentication

Oracle OAuth ServiceOAuth 2.0 authorization server and also offers several compelling differentiations to enable the OAuth 2.0 Client and the OAuth 2.0 Resource Server roles. OAM OAuth

OAuth protokol - sigurnost.zemris.fer.hrsigurnost.zemris.fer.hr/protokoli/2011_budiselic/OAuth protokol.pdf · OAuth protokol Ivan Budiseli c Seminarski rad za poslijediplomski predmet

The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs

An Introduction to OAuth 2 - Aaron Parecki OAuth aka the Dark Ages If a third party wanted access to an account, you’d give them your password. aaron.pk/oauth2 @aaronpk

OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu

@dfett42 How (Not) to Use OAuth - danielfett.de...Authorization OAuth (RFC6749+RFC6750) Authorization Server & Resource Server User Client Photo Editor Google Photos account authorizes

Entendiendo oAuth

Open authentication (oauth)

Twitter oauth

Twitter4R OAuth

Facebook & OAuth

Alternatives to oAuth for DECE - WikiLeaks · PDF fileCurrent Issues • login() exposes credentials to theft • uname/pw storage causes account sync issues • oauth suited for unknown