This Blog Is Not Updated Any More.

Check out my new blog on Medium: http://facilelogin.com

Topics: Identity and Access Management, Blockchain, Ethereum, Bitcoin, Security, PSD2, GDPR



Sunday, November 23, 2008

Google OAuth Playground

This demonstrates how an OAuth client can access your GMail account through the OAuth Protocol.

In our case http://googlecodesamples.com/oauth_playground is the OAuth consumer app and GMail is the service provider.

OAuth consumer needs to be pre-registered at the service provider - let's keep the OAuth parameters as they are.

With OAuth, there are two types of tokens used: request tokens and access tokens.

Request tokens are used to verify consumer registration with the service provider and get end user authorization, after which they can be exchanged for an access token.

First - OAuth consumer needs to request a 'request token'. As a response to this, the service provider will return an unauthorized request token.

Then the consumer will redirect the user to the service provider - and he can authorize the request. [After the step 4, you'll get to the image one before the last]

Once user authorized the request, consumer gets an authorized request token.

Now, in step-5, consumer exchanges the authorized request token for an access token.

The access token received in response to this request is used to request data from the service provider.

0 comments: