Wednesday, December 25, 2024

Enterprise OAuth 2.0 and OpenID Connect



Scheduled cron jobs can call REST APIs, but how are those calls secured, and which identity (what user) do they run as?

What is an authorization code? (The short-lived, single-use code the authorization server returns to the redirect_uri, which the client then exchanges at the token endpoint for tokens.)


What is CORS, and what is a preflight request (the OPTIONS request a browser sends before a non-simple cross-origin request)? How do you support CORS in Spring Boot?
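In Spring Boot the usual answers are @CrossOrigin on a controller, WebMvcConfigurer.addCorsMappings, or a CorsConfigurationSource bean when Spring Security is in use. The following is an added example, not code from this page or from any course project, showing what such a configuration does on the wire: it uses Python's http.server so it runs stand-alone. The allowed origin, methods and headers are constructed placeholders. The security point it makes is that the server answers the preflight from an allowlist and never reflects an unknown Origin, which with Access-Control-Allow-Credentials would let any site read authenticated responses.

```python
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed allowlist for the example: only this origin may call the API.
ALLOWED_ORIGINS = {"https://app.example.com"}
ALLOWED_METHODS = {"GET", "POST", "PUT", "DELETE"}
ALLOWED_HEADERS = {"authorization", "content-type"}
MAX_AGE_SECONDS = 600


def cors_decision(origin, method, acr_method=None, acr_headers=None):
    """Decide how to answer a (possibly cross-origin) request.

    Returns (status, headers). A preflight is an OPTIONS request carrying
    Access-Control-Request-Method; the browser sends it before any request
    that is not "simple", e.g. one with an Authorization header or a JSON body.
    """
    if origin is None:
        return 200, {}  # same-origin or non-browser caller: no CORS headers needed
    if origin not in ALLOWED_ORIGINS:
        # Refuse rather than echo the origin back; reflecting it would defeat the allowlist.
        return 403, {}
    headers = {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",  # caches must not serve one origin's answer to another
    }
    if method == "OPTIONS" and acr_method is not None:
        # Preflight: validate the method and headers the real request intends to use.
        if acr_method not in ALLOWED_METHODS:
            return 403, {}
        requested = {h.strip().lower() for h in (acr_headers or "").split(",") if h.strip()}
        if not requested <= ALLOWED_HEADERS:
            return 403, {}
        headers.update({
            "Access-Control-Allow-Methods": ", ".join(sorted(ALLOWED_METHODS)),
            "Access-Control-Allow-Headers": ", ".join(sorted(ALLOWED_HEADERS)),
            "Access-Control-Max-Age": str(MAX_AGE_SECONDS),
        })
        return 204, headers
    # Actual request from an allowed origin: CORS headers plus the normal response.
    return 200, headers


class CorsHandler(BaseHTTPRequestHandler):
    """Minimal handler that applies cors_decision to OPTIONS and GET."""

    def _answer(self, body=b""):
        status, headers = cors_decision(
            self.headers.get("Origin"),
            self.command,
            self.headers.get("Access-Control-Request-Method"),
            self.headers.get("Access-Control-Request-Headers"),
        )
        payload = body if status == 200 else b""
        self.send_response(status)
        for name, value in headers.items():
            self.send_header(name, value)
        self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        if payload:
            self.wfile.write(payload)

    def do_OPTIONS(self):
        self._answer()

    def do_GET(self):
        self._answer(b'{"albums": []}')  # constructed API response


if __name__ == "__main__":
    HTTPServer(("localhost", 8080), CorsHandler).serve_forever()
```

Run it and send an OPTIONS request with Origin and Access-Control-Request-Method headers to see the 204 preflight answer; the same request from another origin gets 403 with no CORS headers, which the browser then blocks.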

RxJS switchMap/mergeMap

NgRx (store, reducer, action, effects)


Can you give a brief introduction to OAuth2 in your project: what is your authorization server, and which grant type does your project use?


In Spring Boot, how do you protect passwords stored in the property file? They cannot be stored in plain text. With Jasypt, values are stored as ENC(...) and decrypted at startup; the Jasypt maven plugin encrypts values you wrap in DEC(...) and replaces them with ENC(...). The master password (jasypt.encryptor.password) is supplied at runtime, e.g. via an environment variable or JVM argument, never in the property file itself.

Spring Cloud Config: encrypted values are prefixed with {cipher} and decrypted by the config server (or client) using its configured key.

If the exception is a connectivity issue, such as java.net.ConnectException or java.net.SocketTimeoutException, the connection may be blocked by a firewall (or the host or port is wrong).

On the other hand, if the exception is an SSL/TLS issue, such as javax.net.ssl.SSLHandshakeException or javax.net.ssl.SSLException, there is likely a problem with the certificate: the server's chain is not trusted by the JVM truststore, the hostname does not match, or the certificate has expired.

Note, however, that exceptions can have many causes, and the exception type alone may not be enough to determine the root cause. Confirm it independently, for example by testing the TCP connection and inspecting the server's certificate chain from the same host.



Secret: [client_secret redacted; a client secret must never be pasted into notes or committed to source control. Keep it in an environment variable or a secrets store.]


https://accounts.google.com/.well-known/openid-configuration 


shutterfly


The OAuth 2.0 protocol relies heavily on HTTP messages sent from the application to the OAuth 2.0 authorization server. Parameters carried in URLs and form bodies are URL-encoded, and binary values such as client credentials and token segments are Base64 (or base64url) encoded. Tokens such as OpenID Connect ID tokens (JWTs) are hashed and digitally signed with the issuer's private key, so the client can verify them with the issuer's published public key. The same is true of SAML 2.0 and any other single sign-on protocol.

password -> hash: user passwords are stored as salted hashes, not encrypted. A hash cannot be reversed, whereas an encrypted value can be recovered by whoever holds the key.
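An added example of the password -> hash rule (not code from this page or any course project): PBKDF2-HMAC-SHA256 with a random per-user salt and a constant-time comparison on verification. The iteration count follows the OWASP Password Storage Cheat Sheet recommendation for PBKDF2-SHA256 (600,000); the stored format "algorithm$iterations$salt$hash" is this example's own convention, chosen so the parameters travel with the hash and can be raised later.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # OWASP guidance for PBKDF2-HMAC-SHA256
SALT_BYTES = 16


def hash_password(password: str, salt: bytes = None, iterations: int = ITERATIONS) -> str:
    """Return a self-describing string: algorithm$iterations$salt_hex$hash_hex.

    The salt is random per user, so two users with the same password get
    different hashes and precomputed tables are useless.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${derived.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored parameters and compare in constant time."""
    try:
        algorithm, iterations, salt_hex, hash_hex = stored.split("$")
    except ValueError:
        return False  # malformed record
    if algorithm != "pbkdf2_sha256":
        return False
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # compare_digest avoids leaking how many leading bytes matched via timing.
    return hmac.compare_digest(derived, bytes.fromhex(hash_hex))


def needs_rehash(stored: str, iterations: int = ITERATIONS) -> bool:
    """True if the record was made with fewer iterations than current policy."""
    parts = stored.split("$")
    return len(parts) != 4 or parts[0] != "pbkdf2_sha256" or int(parts[1]) < iterations
```

Call needs_rehash after a successful login and re-hash with the current iteration count; that is how the cost factor is raised over time without forcing password resets.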




Public keys need to be certified, otherwise others cannot trust them. A public key certificate binds a public key to an identity; the standard format is X.509.

A Certificate Authority (CA) verifies the identity and issues the certificate by signing it. Certificates can be chained: a leaf certificate is signed by an intermediate CA, which is signed by a root CA that the client already trusts.





SAML is not a good fit for RESTful API calls or for calls made by a cron job: it is built around browser redirects and XML assertions, and a cron job has no user present. For machine-to-machine calls like that, the OAuth 2.0 client credentials grant is the usual fit: the job authenticates as itself with its client_id and client_secret and gets an access token scoped to what it needs.
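An added example (not code from this page or any course project) of how a cron job would obtain and reuse a token with the client credentials grant. The token endpoint, client_id and scope are placeholders; the secret is read from an environment variable so it does not sit in the crontab or the script. The Basic header follows RFC 6749 section 2.3.1 (form-urlencode the id and secret, then Base64 "id:secret"), and the cache refreshes the token a little before expires_in runs out so a long job never sends a token that dies mid-flight.

```python
import base64
import json
import os
import time
import urllib.parse
import urllib.request

# Placeholders for the example; a real job reads these from its deployment config.
TOKEN_ENDPOINT = "https://auth.example.com/oauth2/token"
CLIENT_ID = "nightly-report-job"
SCOPE = "reports.read"


def basic_auth_header(client_id: str, client_secret: str) -> str:
    """RFC 6749 section 2.3.1: form-urlencode both values, then Base64 'id:secret'."""
    pair = urllib.parse.quote(client_id, safe="") + ":" + urllib.parse.quote(client_secret, safe="")
    return "Basic " + base64.b64encode(pair.encode("ascii")).decode("ascii")


def build_client_credentials_request(token_endpoint, client_id, client_secret, scope):
    """Return (url, headers, body) for a client_credentials token request."""
    headers = {
        "Authorization": basic_auth_header(client_id, client_secret),
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json",
    }
    body = urllib.parse.urlencode({"grant_type": "client_credentials", "scope": scope})
    return token_endpoint, headers, body


def fetch_token(token_endpoint, client_id, client_secret, scope) -> dict:
    """Send the request (network call) and return the parsed token response."""
    url, headers, body = build_client_credentials_request(token_endpoint, client_id, client_secret, scope)
    req = urllib.request.Request(url, data=body.encode("ascii"), headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Hold one access token and refresh it `margin` seconds before it expires."""

    def __init__(self, fetch, now=time.time, margin=60):
        self._fetch = fetch      # callable returning a token response dict
        self._now = now          # injectable clock, for tests
        self._margin = margin
        self._token = None
        self._expires_at = 0.0

    def get(self) -> str:
        if self._token is None or self._now() >= self._expires_at - self._margin:
            resp = self._fetch()
            if resp.get("token_type", "").lower() != "bearer":
                raise ValueError("unexpected token_type in token response")
            self._token = resp["access_token"]
            self._expires_at = self._now() + float(resp.get("expires_in", 0))
        return self._token


def secret_from_env(name: str = "REPORT_JOB_CLIENT_SECRET") -> str:
    value = os.environ.get(name)
    if not value:
        raise RuntimeError(f"{name} is not set; the secret must not live in the crontab or the script")
    return value


if __name__ == "__main__":
    secret = secret_from_env()
    cache = TokenCache(lambda: fetch_token(TOKEN_ENDPOINT, CLIENT_ID, secret, SCOPE))
    # The job would now call the REST API with this header on every request.
    print("Authorization: Bearer " + cache.get())
```

The job runs as the client itself, not as any human user; the resource server sees the client_id (and scope) in the token, which answers the "what user would it run as" question.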

Example scenario: Shutterfly edits photos pulled from Google Photos and shares them to Facebook, i.e. a third-party client accessing a user's resources at two other providers with delegated authorization instead of the user's passwords.


If the client application runs on a mobile device, a desktop or in a browser (i.e. it is not a backend application server), the client_secret cannot be kept secret. In that case PKCE is used instead: the client sends a code_challenge (the SHA-256 of a random code_verifier) with the authorization request and the code_verifier itself with the token request, so a stolen authorization code cannot be redeemed by anyone else.
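An added example (not code from this page or any course project) of the PKCE authorization code flow for such a public client, using the Google endpoints from the discovery document. The client_id, redirect_uri and state are placeholders. It generates the verifier and S256 challenge, builds the authorization request, validates the redirect back to the client (state check and error handling), and builds the token request that carries the verifier instead of a client_secret.

```python
import base64
import hashlib
import secrets
import urllib.parse

# Endpoints from https://accounts.google.com/.well-known/openid-configuration
AUTHORIZATION_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"


def b64url(data: bytes) -> str:
    """Base64url without padding, as RFC 7636 specifies for verifier and challenge."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def new_code_verifier(nbytes: int = 32) -> str:
    # 32 random bytes encode to 43 characters, inside the 43..128 range RFC 7636 allows.
    return b64url(secrets.token_bytes(nbytes))


def code_challenge(verifier: str) -> str:
    """S256 method: base64url(SHA-256(verifier))."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def new_state() -> str:
    """Random, unguessable value that binds the redirect back to this session (CSRF defence)."""
    return secrets.token_urlsafe(16)


def build_authorization_url(client_id, redirect_uri, verifier, state, scope="openid profile email"):
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,
        "code_challenge": code_challenge(verifier),
        "code_challenge_method": "S256",
    }
    return AUTHORIZATION_ENDPOINT + "?" + urllib.parse.urlencode(params)


def parse_redirect(query_string, expected_state):
    """Extract the code from the redirect to redirect_uri, rejecting state mismatches."""
    params = urllib.parse.parse_qs(query_string)
    if params.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: response is not bound to this session")
    if "error" in params:
        raise ValueError("authorization server returned error: " + params["error"][0])
    code = params.get("code", [None])[0]
    if not code:
        raise ValueError("no authorization code in redirect")
    return code


def build_token_request(client_id, redirect_uri, code, verifier):
    """Form body for POST to the token endpoint; the verifier replaces client_secret."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "code_verifier": verifier,
    }


if __name__ == "__main__":
    verifier, state = new_code_verifier(), new_state()
    # Placeholder client; redirect_uri matches the local listener used on this page.
    print(build_authorization_url("YOUR_CLIENT_ID.apps.googleusercontent.com",
                                  "http://localhost:8080", verifier, state))
```

Keep the verifier and state in the client's session between the two steps; the server compares SHA-256(code_verifier) with the code_challenge it stored against the code, which is what makes an intercepted code worthless on its own.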



ROPC (Resource Owner Password Credentials): the client application and the resource server must belong to the same organization; otherwise it is not safe, because the user's username and password are exposed to the client application. The grant is deprecated in the OAuth 2.0 Security Best Current Practice for that reason.


Grant type:


https://developers.google.com/identity/openid-connect/openid-connect 

 "authorization_endpoint": "https://accounts.google.com/o/oauth2/v2/auth",


Start a throwaway local listener so the redirect to http://localhost:8080 has somewhere to land; the authorization code and state appear in the query string of the GET that the server logs: python3 -m http.server 8080

https://accounts.google.com/o/oauth2/v2/auth?&response_type=code&client_id=622906819443-fdtijks5acmgspm56u26c3aghsr9frg7.apps.googleusercontent.com&scope=openid%20profile%20email%20https://www.googleapis.com/auth/photoslibrary.readonly&state=state123&redirect_uri=http://localhost:8080&access_type=offline&prompt=consent


https://oauth2.googleapis.com/token 

Postman: My google photos reader



  • Add Authorized Redirect URI : http://localhost:8080/login/oauth2/code/google

Instructions to set up My Photos Client with Google Authorization Server

  • Download the my-photos-client.zip file from lecture "Google Coding Project : Code Walkthrough"

  • Unzip the zip file in your local directory

  • Change to [local directory]/albums-client

