Authorization across Distributed Systems: The OAuth Protocol

Gaurav Sen
Websites are like castles, with large moats around them. You need a password at the gate to get in.

And the average person has to remember 27 passwords!

Remembering passwords is a pain. About 30% of all customer queries are "How do I reset my password?"

So websites found a unique solution: outsource the authentication problem to the big castles.

---------------------------------------------

Instead of asking users to enter an email and password, websites now ask users to "connect" them with Google for registration.

Login Service: Hey, could you tell me the name of abc@gmail.com? They claim to be your user.

Google: Please show me their signed request.

Login Service: Sure, here you go.

Google: Yes, that's our user. Their name is John Doe.

Login Service: Great. I'll let them in. Could you share their profile picture too?

Gmail: Sorry, but I can't see that in the signed request.

Login Service: Never mind, thanks.

The user is now authenticated, and a session token can be sent for further auth requests. This process of outsourcing user authentication (technically authorization, since the user authorized you to view their name) is called OAuth.
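
The exchange above as an added sketch (not code from the video or from Google): the provider signs a grant listing what the user consented to, then releases only the attributes that grant covers. The HMAC grant format, the function names and the sample data are assumptions for illustration; real OAuth deployments use authorization codes and access tokens issued by the provider.

```python
import base64, hashlib, hmac, json, time

PROVIDER_KEY = b"constructed-demo-key"  # constructed; held only by the provider
USERS = {"abc@gmail.com": {"name": "John Doe",      # constructed sample record
                           "picture": "https://example.invalid/jd.png"}}

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def sign(body: str) -> str:
    return b64(hmac.new(PROVIDER_KEY, body.encode(), hashlib.sha256).digest())

def issue_grant(user, client, scope, ttl=300, now=None):
    """Provider: called once the user has consented to `scope` for `client`."""
    now = time.time() if now is None else now
    claims = {"sub": user, "aud": client, "scope": sorted(scope), "exp": now + ttl}
    body = b64(json.dumps(claims).encode())
    return f"{body}.{sign(body)}"

def read_attribute(grant, client, attribute, now=None):
    """Provider: release `attribute` only if a valid signed grant covers it."""
    now = time.time() if now is None else now
    try:
        body, sig = grant.split(".")
    except ValueError:
        return ("denied", "malformed grant")
    # Verify the signature before trusting anything inside the grant.
    if not hmac.compare_digest(sig.encode(), sign(body).encode()):
        return ("denied", "bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body))
    if claims["aud"] != client:
        return ("denied", "grant issued to another client")
    if now >= claims["exp"]:
        return ("denied", "grant expired")
    if attribute not in claims["scope"]:
        return ("denied", "not in signed request")
    return ("ok", USERS[claims["sub"]][attribute])

if __name__ == "__main__":
    grant = issue_grant("abc@gmail.com", "login-service", {"name"})
    print(read_attribute(grant, "login-service", "name"))
    print(read_attribute(grant, "login-service", "picture"))
```

The audience and expiry checks keep a grant from being replayed by a different client or after the consent window has passed.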

---------------------------------------------

Third-party sign-in reduces login hesitance, eases mobile registration, and cuts down on password reset issues.

It also consolidates data power into a few companies, which know exactly which websites you visited to tailor your ads (Did you register on FirstCry? Let me show you a diaper ad).

You can learn more about OAuth, SSO, and Access Control Lists at InterviewReady.

Cheers!

00:00 What will we learn?
00:20 The Problem with Passwords
01:25 OAuth Flow
04:22 War story: OAuth Doubles Signups
06:43 Advantages of OAuth
08:55 Drawbacks of OAuth
11:31 Conclusion
12:13 Distributed Security Terms
15:30 Thank you!

System Design at InterviewReady: https://interviewready.io/

Use the special DISCOUNT coupon of "HELLOWORLD" to avail an exclusive YouTuber channel offer!

#OAuth #Security #DistributedSystems
Published last year, on 1402/06/15.
Viewed 23,596 times.