
3-legged OAuth flow

09 Jan

I’m going to explain the behavior of 3-legged OAuth in a simple way.

Just look at this.

[Diagram: 3-legged OAuth]

Let’s say a web application called MyApp needs to access my Facebook photos.
In this example: Resource Owner – me, Consumer – MyApp, Service Provider – Facebook.

Now try to compare this example with the scenario explained above.

1. MyApp requests a temporary token from Facebook.
2. Facebook gives the temporary token to MyApp.
3. MyApp redirects to the Facebook login page to authorize the token.
4. I log in to Facebook and grant access to MyApp.
5. The authorization is confirmed to me.
6. MyApp requests an access token from Facebook.
7. Facebook issues the access token.
8. MyApp requests access to the photos in my Facebook account.
9. Facebook issues the protected photos.
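
The nine steps above as an added Python sketch (not part of the original post): a toy in-memory service provider stands in for Facebook and MyApp is the consumer. The class and method names are hypothetical, and request signing and HTTP redirects are left out; the checks in exchange show why an unauthorized, foreign or reused temporary token must not yield an access token.

```python
import secrets

class ServiceProvider:
    """Toy stand-in for Facebook in the steps above; request signing is omitted."""
    def __init__(self, photos):
        self.photos = photos      # owner -> list of protected photos
        self.temp = {}            # temporary token -> {"consumer", "owner"}
        self.access = {}          # access token -> {"consumer", "owner"}

    def request_temporary_token(self, consumer):              # steps 1-2
        token = secrets.token_urlsafe(16)
        self.temp[token] = {"consumer": consumer, "owner": None}
        return token

    def authorize(self, temp_token, owner):                   # steps 3-5
        # Called only after the resource owner logs in and grants access.
        self.temp[temp_token]["owner"] = owner

    def exchange(self, consumer, temp_token):                 # steps 6-7
        grant = self.temp.get(temp_token)
        if grant is None or grant["consumer"] != consumer:
            raise PermissionError("unknown temporary token for this consumer")
        if grant["owner"] is None:
            raise PermissionError("temporary token was never authorized")
        del self.temp[temp_token]                             # single use
        token = secrets.token_urlsafe(16)
        self.access[token] = grant
        return token

    def get_photos(self, consumer, access_token):             # steps 8-9
        grant = self.access.get(access_token)
        if grant is None or grant["consumer"] != consumer:
            raise PermissionError("invalid access token")
        return self.photos[grant["owner"]]

def run_flow(provider, consumer, owner, owner_grants=True):
    """Walk the nine steps; returns the photos or raises PermissionError."""
    temp = provider.request_temporary_token(consumer)
    if owner_grants:
        provider.authorize(temp, owner)
    access = provider.exchange(consumer, temp)
    return provider.get_photos(consumer, access)

if __name__ == "__main__":
    fb = ServiceProvider({"me": ["beach.jpg", "party.jpg"]})  # constructed data
    print(run_flow(fb, "MyApp", "me"))
```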

Here is another simple example, found via Google:

[Diagram: oauth_graph]


Posted on January 9, 2013 in java, wso2
