<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8">
<meta name="generator" content="pdf2htmlEX">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<link rel="stylesheet" href="https://static.pudn.com/base/css/base.min.css">
<link rel="stylesheet" href="https://static.pudn.com/base/css/fancy.min.css">
<link rel="stylesheet" href="https://static.pudn.com/prod/directory_preview_static/62cab7a2b742fa794da3aa41/raw.css">
<script src="https://static.pudn.com/base/js/compatibility.min.js"></script>
<script src="https://static.pudn.com/base/js/pdf2htmlEX.min.js"></script>
<script>
try{
pdf2htmlEX.defaultViewer = new pdf2htmlEX.Viewer({});
}catch(e){}
</script>
<title>OAuth 2 in Action</title>
</head>
<body>
<div id="sidebar" style="display: none">
<div id="outline">
</div>
</div>
<div id="pf1" class="pf w0 h0" data-page-no="1"><div class="pc pc1 w0 h0"><img class="bi x0 y0 w1 h1" alt="" src="https://static.pudn.com/prod/directory_preview_static/62cab7a2b742fa794da3aa41/bg1.jpg"><div class="t m0 x1 h2 y1 ff1 fs0 fc0 sc0 ls0 ws0">MANNING</div><div class="t m1 x2 h3 y2 ff2 fs1 fc0 sc0 ls1 ws0">Justin Richer</div><div class="t m1 x3 h3 y3 ff2 fs1 fc0 sc0 ls1 ws0">Antonio Sanso</div><div class="t m1 x4 h4 y4 ff2 fs2 fc1 sc0 ls2 ws0">F</div><div class="t m2 x5 h5 y4 ff2 fs3 fc1 sc0 ls3 ws0">OREWORD</div><div class="t m1 x6 h4 y4 ff2 fs2 fc1 sc0 ls2 ws0"> </div><div class="t m2 x7 h5 y4 ff2 fs3 fc1 sc0 ls3 ws0">BY</div><div class="t m1 x8 h4 y4 ff2 fs2 fc0 sc0 ls4 ws0"> Ian Glazer</div></div><div class="pi" data-data='{"ctm":[1.807910,0.000000,0.000000,1.807910,0.000000,0.000000]}'></div></div>
<div id="pf2" class="pf w0 h0" data-page-no="2"><div class="pc pc2 w0 h0"><img class="bi x0 y0 w1 h1" alt="" src="https://static.pudn.com/prod/directory_preview_static/62cab7a2b742fa794da3aa41/bg2.jpg"><div class="t m3 x9 h6 y5 ff3 fs4 fc2 sc0 ls2 ws0">OAuth 2 in Action</div><div class="t m3 xa h7 y6 ff4 fs5 fc2 sc0 ls2 ws0">JUSTIN RICHER</div><div class="t m3 xb h7 y7 ff4 fs5 fc2 sc0 ls2 ws0">ANTONIO SANSO</div><div class="t m3 xc h8 y8 ff5 fs6 fc2 sc0 ls2 ws0"> </div><div class="t m3 xd h9 y9 ff6 fs5 fc2 sc0 ls5 ws1">MANNING</div><div class="t m3 xe ha ya ff7 fs7 fc2 sc0 ls2 ws0">shel<span class="_ _0"></span>ter<span class="fs8"> </span>island</div></div><div class="pi" data-data='{"ctm":[1.807910,0.000000,0.000000,1.807910,0.000000,0.000000]}'></div></div>
<div id="pf3" class="pf w0 h0" data-page-no="3"><div class="pc pc3 w0 h0"><img class="bi x0 y0 w1 h1" alt="" src="https://static.pudn.com/prod/directory_preview_static/62cab7a2b742fa794da3aa41/bg3.jpg"><div class="t m0 xf hb yb ff4 fs9 fc2 sc0 ls2 ws0">For online information and ordering of this and other Manning books, please visit </div><div class="t m0 xf hb yc ff4 fs9 fc2 sc0 ls2 ws0">www<span class="_ _0"></span>.manning.com. The publisher offers discounts on this book when ordered in quantity<span class="_ _1"></span>. </div><div class="t m0 xf hb yd ff4 fs9 fc2 sc0 ls2 ws0">For more information, please contact</div><div class="t m0 x10 hb ye ff4 fs9 fc2 sc0 ls2 ws0">Special Sales Department</div><div class="t m0 x10 hb yf ff4 fs9 fc2 sc0 ls2 ws0">Manning Publications Co.</div><div class="t m0 x10 hb y10 ff4 fs9 fc2 sc0 ls2 ws0">20 Baldwin Road</div><div class="t m0 x10 hb y11 ff4 fs9 fc2 sc0 ls2 ws0">PO Box 261</div><div class="t m0 x10 hb y12 ff4 fs9 fc2 sc0 ls2 ws0">Shelter Island, NY 11964 </div><div class="t m0 x10 hb y13 ff4 fs9 fc2 sc0 ls2 ws0">Email: orders@manning.com</div><div class="t m0 xf hb y14 ff4 fs9 fc2 sc0 ls2 ws0">©2017 by Manning Publications Co. All rights reserved.</div><div class="t m0 xf hb y15 ff4 fs9 fc2 sc0 ls2 ws0">No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in </div><div class="t m0 xf hb y16 ff4 fs9 fc2 sc0 ls2 ws0">any form or by means electronic, mechanical, photocopying, or otherwise, without prior written </div><div class="t m0 xf hb y17 ff4 fs9 fc2 sc0 ls2 ws0">permission of the publisher<span class="_ _0"></span>.</div><div class="t m0 xf hb y18 ff4 fs9 fc2 sc0 ls2 ws0">Many of the designations used by manufacturers and sellers to distinguish their products are </div><div class="t m0 xf hb y19 ff4 fs9 fc2 sc0 ls2 ws0">claimed as trademarks. Where those designations appear in the book, and Manning </div><div class="t m0 xf hb y1a ff4 fs9 fc2 sc0 ls2 ws0">Publications was aware of a trademark claim, the designations have been printed in initial caps </div><div class="t m0 xf hb y1b ff4 fs9 fc2 sc0 ls2 ws0">or all caps.</div><div class="t m0 xf hb y1c ff4 fs9 fc2 sc0 ls2 ws0">Recognizing the importance of preserving what has been written, it is Manning’s policy to have </div><div class="t m0 xf hb y1d ff4 fs9 fc2 sc0 ls2 ws0">the books we publish printed on acid-free paper<span class="_ _0"></span>, and we exert our best efforts to that end. </div><div class="t m0 xf hb y1e ff4 fs9 fc2 sc0 ls2 ws0">Recognizing also our responsibility to conserve the resources of our planet, Manning books </div><div class="t m0 xf hb y1f ff4 fs9 fc2 sc0 ls2 ws0">are printed on paper that is at least 15 percent recycled and processed without the use of </div><div class="t m0 xf hb y20 ff4 fs9 fc2 sc0 ls2 ws0">elemental chlorine.</div><div class="t m0 x11 hb y21 ff4 fs9 fc2 sc0 ls2 ws0">Manning Publications Co. <span class="_ _2"> </span>Development editor: Jennifer Stout</div><div class="t m0 x11 hb y22 ff4 fs9 fc2 sc0 ls2 ws0">20 Baldwin Road <span class="_ _3"> </span>T<span class="_ _0"></span>e<span class="_ _1"></span>chni<span class="_ _1"></span>cal d<span class="_ _1"></span>evel<span class="_ _1"></span>opme<span class="_ _1"></span>nt ed<span class="_ _1"></span>itor<span class="_ _1"></span>s: Dennis Sellinger</div><div class="t m0 x11 hb y23 ff4 fs9 fc2 sc0 ls2 ws0">PO Box 261 <span class="_ _4"> </span><span class="fc3">:</span> David Fombella Pombal</div><div class="t m0 x11 hb y24 ff4 fs9 fc2 sc0 ls2 ws0">Shelter Island, NY 11964 <span class="_ _5"> </span>Copyeditor: Progressive Publishing Services</div><div class="t m0 x11 hb y25 ff4 fs9 fc2 sc0 ls2 ws0"> <span class="_ _6"> </span>T<span class="_ _0"></span>echnical proofreader: Ivan Kirkpatrick</div><div class="t m0 x11 hb y26 ff4 fs9 fc2 sc0 ls2 ws0"> <span class="_ _7"> </span>Composition: Progressive Publishing Services</div><div class="t m0 x11 hb y27 ff4 fs9 fc2 sc0 ls2 ws0"> <span class="_ _7"> </span>Cover design: Marija T<span class="_ _0"></span>udor</div><div class="t m0 xf hb y28 ff4 fs9 fc2 sc0 ls2 ws0">ISBN: 9781617293276</div><div class="t m0 xf hb y29 ff4 fs9 fc2 sc0 ls2 ws0">Printed in the United States of America</div><div class="t m0 xf hb y2a ff4 fs9 fc2 sc0 ls2 ws2">1 2 3 4 5 6 7 8 9 10 <span class="_ _8"></span>-- <span class="_ _8"></span>EBM <span class="_ _8"></span>-- <span class="_ _8"></span>22 21 20 19 18 17</div><div class="c x12 y2b w2 hc"><div class="t m0 x0 hd y2c ff8 fsa fc2 sc0 ls2 ws0">∞</div></div></div><div class="pi" data-data='{"ctm":[1.807910,0.000000,0.000000,1.807910,0.000000,0.000000]}'></div></div>
<div id="pf4" class="pf w0 h0" data-page-no="4"><div class="pc pc4 w0 h0"><img class="bi x0 y0 w1 h1" alt="" src="https://static.pudn.com/prod/directory_preview_static/62cab7a2b742fa794da3aa41/bg4.jpg"><div class="t m0 x13 he y2d ff9 fs9 fc2 sc0 ls2 ws0">iii</div><div class="t m0 x14 hf y2e ff3 fsb fc2 sc0 ls2 ws0">brief contents</div><div class="t m0 x15 h10 y2f ffa fsc fc4 sc0 ls2 ws0">P<span class="_ _0"></span>ar<span class="_ _9"></span>t <span class="ff9">1</span> <span class="_ _a"> </span>First steps<span class="ws3"> .................................................................<span class="_"> </span></span><span class="ff9">1</span></div><div class="t m0 x16 h11 y30 ff4 fsd fc2 sc0 ls2 ws0">1 </div><div class="t m0 x17 h12 y31 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y30 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>What is OAuth 2.0 and why should you care? <span class="_ _b"> </span>3</div><div class="t m0 x16 h11 y32 ff4 fsd fc2 sc0 ls2 ws0">2 </div><div class="t m0 x17 h12 y33 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y32 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>The OAuth dance <span class="_ _b"> </span>21</div><div class="t m0 x15 h10 y34 ffa fsc fc4 sc0 ls2 ws0">P<span class="_ _0"></span>ar<span class="_ _9"></span>t <span class="ff9">2</span><span class="ws4"> <span class="_ _c"></span><span class="ws0">Building an OAuth <span class="ff9">2</span> environment<span class="ws5"> ......................<span class="_"> </span></span><span class="ff9">41</span></span></span></div><div class="t m0 x16 h11 y35 ff4 fsd fc2 sc0 ls2 ws0">3 </div><div class="t m0 x17 h12 y36 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y35 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Building a simple OAuth client <span class="_ _b"> </span>43</div><div class="t m0 x16 h11 y37 ff4 fsd fc2 sc0 ls2 ws0">4 </div><div class="t m0 x17 h12 y38 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y37 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Building a simple OAuth protected resource <span class="_ _b"> </span>59</div><div class="t m0 x16 h11 y39 ff4 fsd fc2 sc0 ls2 ws0">5 </div><div class="t m0 x17 h12 y3a ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y39 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Building a simple OAuth authorization ser<span class="_ _9"></span>ver <span class="_ _b"> </span>75</div><div class="t m0 x16 h11 y3b ff4 fsd fc2 sc0 ls2 ws0">6 </div><div class="t m0 x17 h12 y3c ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y3b ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>OAuth 2.0 in the real world <span class="_ _b"> </span>93</div><div class="t m0 x15 h10 y3d ffa fsc fc4 sc0 ls2 ws0">P<span class="_ _0"></span>ar<span class="_ _9"></span>t <span class="ff9">3</span><span class="ws4"> <span class="_ _c"></span><span class="ws0">OAuth <span class="ff9">2</span> implement<span class="_ _1"></span>a<span class="_ _0"></span>tion </span></span></div><div class="t m0 x19 h13 y3e ffa fsc fc4 sc0 ls2 ws0">and vulnerabilities</div><div class="t m0 x1a h10 y3f ffa fsc fc4 sc0 ls2 ws6"> ............................................<span class="_ _d"> </span><span class="ff9 ws0">119</span></div><div class="t m0 x16 h11 y40 ff4 fsd fc2 sc0 ls2 ws0">7 </div><div class="t m0 x17 h12 y41 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y40 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Common client vulnerabilities <span class="_ _b"> </span>121</div><div class="t m0 x16 h11 y42 ff4 fsd fc2 sc0 ls2 ws0">8 </div><div class="t m0 x17 h12 y43 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y42 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Common protected resources vulnerabilities <span class="_ _b"> </span>138</div><div class="t m0 x16 h11 y44 ff4 fsd fc2 sc0 ls2 ws0">9 </div><div class="t m0 x17 h12 y45 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y44 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Common authorization ser<span class="_ _9"></span>ver vulnerabilities <span class="_ _b"> </span>154</div><div class="t m0 x1b h11 y46 ff4 fsd fc2 sc0 ls2 ws0">10 </div><div class="t m0 x17 h12 y47 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x18 h11 y46 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Common OAuth token vulnerabilities <span class="_ _b"> </span>168</div></div><div class="pi" data-data='{"ctm":[1.807910,0.000000,0.000000,1.807910,0.000000,0.000000]}'></div></div>
<div id="pf5" class="pf w0 h0" data-page-no="5"><div class="pc pc5 w0 h0"><img class="bi x0 y0 w1 h1" alt="" src="https://static.pudn.com/prod/directory_preview_static/62cab7a2b742fa794da3aa41/bg5.jpg"><div class="t m0 xf he y48 ff9 fs9 fc2 sc0 ls2 ws0">iv <span class="_ _e"> </span><span class="ffc fs6">brief contents</span></div><div class="t m0 xf h10 y49 ffa fsc fc4 sc0 ls2 ws0">P<span class="_ _0"></span>ar<span class="_ _9"></span>t <span class="ff9">4</span><span class="ws4"> <span class="_ _c"></span><span class="ws0">T<span class="_ _f"></span>aking OAuth further<span class="ws7"> ..........................................<span class="_ _10"> </span></span><span class="ff9">179</span></span></span></div><div class="t m0 x1c h11 y4a ff4 fsd fc2 sc0 ls2 ws0">11 </div><div class="t m0 x1d h12 y4b ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x16 h11 y4a ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>OAuth tokens <span class="_ _b"> </span>181</div><div class="t m0 x1c h11 y4c ff4 fsd fc2 sc0 ls2 ws0">12 </div><div class="t m0 x1d h12 y4d ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x16 h11 y4c ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Dynamic client registration <span class="_ _b"> </span>208</div><div class="t m0 x1c h11 y4e ff4 fsd fc2 sc0 ls2 ws0">13 </div><div class="t m0 x1d h12 y4f ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x16 h11 y4e ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>User authentication with OAuth 2.0 <span class="_ _b"> </span>236</div><div class="t m0 x1c h11 y50 ff4 fsd fc2 sc0 ls2 ws0">14 </div><div class="t m0 x1d h12 y51 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x16 h11 y50 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Protocols and profiles using OAuth 2.0 <span class="_ _b"> </span>262</div><div class="t m0 x1c h11 y52 ff4 fsd fc2 sc0 ls2 ws0">15 </div><div class="t m0 x1d h12 y53 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x16 h11 y52 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Beyond bearer tokens <span class="_ _b"> </span>282</div><div class="t m0 x1c h11 y54 ff4 fsd fc2 sc0 ls2 ws0">16 </div><div class="t m0 x1d h12 y55 ffb fse fc2 sc0 ls2 ws0">■</div><div class="t m0 x16 h11 y54 ff4 fsd fc2 sc0 ls2 ws0"> <span class="_ _b"> </span>Summary and conclusions <span class="_ _b"> </span>298</div></div><div class="pi" data-data='{"ctm":[1.807910,0.000000,0.000000,1.807910,0.000000,0.000000]}'></div></div>
</body>
</html>