a simple php linkedin oauth 2.0 example
DESCRIPTION
A simple project developed for the course on Security of Service-Oriented Architectures, in which I show how the OAuth 2.0 protocol works with the LinkedIn social network
TRANSCRIPT
Project for the course SECURITY OF SERVICE-ORIENTED ARCHITECTURES
A simple PHP Linkedin OAuth 2.0 example
Student: M. Reggiani 826163
Lecturer: E. Damiani
Academic Year 2013/2014
OAuth 2.0 Entities (diagram)
Authorization Server
Resource Server
Application
User Agent (web browser)
Arrows: Authorization Request, Token Request, Access Request
Register App (1)
Register App (2)
Register App (3)
Sequence Diagram
App’s frontpage (1)
App’s frontpage (2)
User Grants Access (1)
User Grants Access (2)
HTTP/1.1 302 Found
Location: http://localhost/profile.php?state=dks3FdGb4&code=AQQHlgbnkBq64NrVpWLrisElxVn5m2F1pE74Zp0aMK0T9ZunrV198
Access Token request
POST /uas/oauth2/accessToken?grant_type=authorization_code&client_id=77q2gxr3kb8cxh&client_secret=zrkIf3DMynUNjg9u&code=AQQHlgbnkBq64NrVpWLrisElxVn5m2F1pE74Zp0aMK0T9ZunrV198&redirect_uri=http%3A%2F%2Flocalhost%2FSOASec%2Fprofile.php HTTP/1.1
Host: www.linkedin.com
Access Token response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8

{ "access_token" : "2YotnFZFEjr1zCsidfrrs32scMWpAA", "expires_in": 3600 }
Resources request using Token
GET /v1/people/~:(first-name,last-name,headline,positions,picture-url,skills,languages,educations,certifications)?format=json&oauth2_access_token=2YotnFZFEjr1zCsidfrrs32scMWpAA HTTP/1.1
Host: api.linkedin.com
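The authorization code exchange shown on the slides above, written out as an added Python example (it is not the project's PHP code): it builds the Authorization Request, checks the state on the 302 callback before accepting the code, and assembles the Token Request. The state, code and client_id are the values from the slides; the authorization endpoint path and the client secret placeholder are assumptions.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# LinkedIn endpoints of the period; the token path is from the slides, the
# authorization path is assumed.
AUTH_URL = "https://www.linkedin.com/uas/oauth2/authorization"
TOKEN_URL = "https://www.linkedin.com/uas/oauth2/accessToken"

def new_state() -> str:
    """Unguessable per-login value; store it in the session before redirecting."""
    return secrets.token_urlsafe(24)

def build_authorization_url(client_id: str, redirect_uri: str, scope: str, state: str) -> str:
    """Step 1: Authorization Request URL the app redirects the user agent to."""
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "scope": scope, "state": state}
    return AUTH_URL + "?" + urlencode(params)

def handle_callback(location: str, expected_state: str) -> str:
    """Step 2: parse the 302 Location the browser followed back to profile.php.
    Returns the authorization code; rejects the callback when state is absent
    or differs from the value stored in the session (CSRF / replayed callback)."""
    qs = parse_qs(urlparse(location).query)
    state = qs.get("state", [""])[0]
    if not expected_state or not hmac.compare_digest(state, expected_state):
        raise ValueError("state mismatch: callback was not started by this session")
    if "error" in qs:
        raise ValueError("authorization denied: " + qs["error"][0])
    return qs["code"][0]

def token_request(code: str, client_id: str, client_secret: str, redirect_uri: str) -> dict:
    """Step 3: Token Request, sent by the app's backend and never by the browser.
    The slides pass client_secret in the query string; here it travels in the
    form body so that secret and code stay out of URL-based access logs."""
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": redirect_uri, "client_id": client_id,
                      "client_secret": client_secret})
    return {"method": "POST", "url": TOKEN_URL,
            "headers": {"Content-Type": "application/x-www-form-urlencoded"},
            "body": body}

if __name__ == "__main__":
    # Constructed walk-through using the state and code shown on the slides.
    callback = ("http://localhost/profile.php?state=dks3FdGb4"
                "&code=AQQHlgbnkBq64NrVpWLrisElxVn5m2F1pE74Zp0aMK0T9ZunrV198")
    code = handle_callback(callback, "dks3FdGb4")
    print(token_request(code, "77q2gxr3kb8cxh", "CLIENT_SECRET_PLACEHOLDER",
                        "http://localhost/SOASec/profile.php"))
```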
Resources response
Resources response (PI.php)
Conclusion
Easy to code, to implement, to use
Flexible
Provides secure authorization for the end user
Supports scopes for granular member permissions
No password in API calls
3rd parties don't have access to the password
Token:
can be revoked
can be time limited
can be refreshed
short lived