How to start working with OAuth

Posted on 2014-08-08
Last Modified: 2014-08-14
OK, I want to dive into working with OAuth.

What do I have to download?

What program will support the OAuth protocol as an IdP?

Question by: Anthony Lucia

Assisted Solution

btan earned 1000 total points
ID: 40250554
A good means is oauth.net (http://oauth.net/), where you can go into the "Consumer developers" or "Service Provider developer" sections. Also do not miss The Beginner’s Guide to OAuth (http://oauth.net/documentation/getting-started/), and do not jump straight in without reading them at a minimum. The necessary libraries are available as well (http://oauth.net/code/).

A sample OAuth use case workflow will help you better visualize what your role is and guide the direction for development as "user", "consumer" or "service provider".

Many services such as Facebook, Github, and Google have already deployed OAuth 2 servers, and deployed implementations. Before you can begin the OAuth process, you must first register a new app with the service. When registering a new app, you usually register basic information such as application name, website, a logo, etc. In addition, you must register a redirect URI to be used for redirecting users to for web server, browser-based, or mobile apps. See more steps (http://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified). Make sure you always send requests over HTTPS and never ignore invalid certificates. HTTPS is the only thing protecting requests from being intercepted or modified.

Ultimately, the service provider will need the IdP to validate the user's identity and credentials. You can catch OAuth with ADFS (http://msdn.microsoft.com/en-us/library/dn633593.aspx).

Contoso is a medium-size furniture manufacturer. The developers for Contoso have been exploring building a new MVC5 ToDoList Web API and client applications that can use this API. However they want to be able to restrict access to the users of their on-premises Active Directory instance and use Active Directory as their Identity Provider. The developers already have a good understanding of OAuth and would like to leverage this for authentication.
To demonstrate the use of a native client with AD FS, we will build a WPF and Windows Store application using Windows Azure Authentication Library that allows a user to authorize access to a REST service with their AD account.
As part of the walkthrough we will also build a simple service that the client can call. The service provides a central location for a user to save their ToDo List, this service can be hosted on-premises or in the cloud.
You should rather focus on leveraging available service providers which either have their own IdP or are able to tap an enterprise IdP... see (http://en.wikipedia.org/wiki/OAuth#List_of_OAuth_service_providers)
E.g. Google (https://developers.google.com/accounts/docs/OAuth2), which makes available the Google Data API (https://developers.google.com/gdata/articles/oauth).
E.g. Salesforce (https://developer.salesforce.com/page/Using_OAuth_to_Authorize_External_Applications)
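
The answer above describes registering a redirect URI and sending every request over HTTPS with certificate checks left on. As an added example that is not part of the original post, this Python sketch shows the client side of an OAuth 2 authorization-code flow enforcing those points. The `provider.example` endpoints, client ID and redirect URI are constructed placeholders, and the `state` check comes from the OAuth 2 specification rather than from the post.

```python
import hmac
import ssl
import urllib.request
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed sample registration; every value below is a placeholder.
AUTHORIZE_URL = "https://provider.example/oauth/authorize"
TOKEN_URL = "https://provider.example/oauth/token"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example/callback"


def require_https(url):
    """Refuse any OAuth endpoint that is not reached over HTTPS."""
    if urlsplit(url).scheme != "https":
        raise ValueError("OAuth endpoint must use HTTPS: " + url)
    return url


def build_authorization_url(state):
    """Step 1: URL the user's browser is sent to. `state` must be an
    unguessable per-login value, e.g. secrets.token_urlsafe(32)."""
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": REDIRECT_URI, "state": state})
    return require_https(AUTHORIZE_URL) + "?" + query


def code_from_callback(callback_url, expected_state):
    """Step 2: accept the redirect only on the registered URI and only
    when it carries the state value issued in step 1."""
    parts = urlsplit(callback_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != REDIRECT_URI:
        raise ValueError("callback is not the registered redirect URI")
    params = parse_qs(parts.query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return params["code"][0]


def build_token_request(code, client_secret):
    """Step 3: prepare the code-for-token POST with certificate checks on."""
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": REDIRECT_URI, "client_id": CLIENT_ID,
                      "client_secret": client_secret}).encode()
    tls = ssl.create_default_context()  # verifies the chain and the hostname
    # Send with: urllib.request.urlopen(request, context=tls)
    return urllib.request.Request(require_https(TOKEN_URL), data=body), tls
```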

Accepted Solution

Mayank S earned 1000 total points
ID: 40253409
Start with Apache CXF as your OAuth provider. You need to write a custom data provider for it.

OAuth 2 - http://cxf.apache.org/docs/jax-rs-oauth2.html

OAuth 1 - http://cxf.apache.org/docs/jax-rs-oauth.html

Question has a verified solution.