https://www.manning.com/books/oauth-2-in-action
Think of OAuth 2 like the web version of a valet key. This HTTP-based security protocol allows the users of a service to enable applications to use that service on their behalf without handing over full control. Web and mobile apps can securely access information from other servers for these users, enabling you to give your users functionality and services from other sites. Instead of unsafe password-sharing, OAuth offers a much more secure delegation protocol. OAuth is used everywhere, from large providers like Facebook and Google, to small APIs at startups, and even cloud services, it’s the worldwide standard. OAuth 2 is the must-know security protocol on the web today.
OAuth 2 in Action teaches you practical use and deployment of this protocol from the perspective of a client, authorization server, and resource server. You’ll begin with an overview of OAuth and a look at its components and interactions. Then, using lots of hands-on examples, you’ll build your first OAuth client, followed by an authorization server, and then a protected resource. The second part of the book dives into crucial implementation vulnerability topics. Then you learn about tokens, dynamic client registration, and more advanced topics. This book teaches you to how to distinguish between different OAuth options and choose the right set for your application. By the end of this book, you’ll be able to build and deploy applications that use OAuth on both the client and server sides.
Justin Richer is a systems architect, software engineer, standards editor, and service designer working as an independent consultant. Antonio Sanso works as Security Software Engineer, he is a vulnerability security researcher and an active open source contributor.
연습 챕터 진행전에 Prettier로 코드 포맷팅을 하기로 했다. 일괄로 할 때는 포맷팅 오류가 발생하는 파일들이 있어서, 매 챕터 진행마다 확인하면서 진행하면 되겠다.