Chapter 3. Building a simple OAuth client

This chapter covers

Registering an OAuth client with an authorization server and configuring the client to talk to the authorization server
Requesting authorization from a resource owner using the authorization code grant type
Trading the authorization code for a token
Using the access token as a bearer token with a protected resource
Refreshing an access token

As we saw in the last chapter, the OAuth protocol is all about getting tokens to the client and letting the client use the access tokens to access protected resources on behalf of the resource owner. In this chapter, we’ll build a simple OAuth client, use the authorization code grant type to get a bearer access token from an authorization server, ...

Get OAuth 2 in Action now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

OAuth 2 in Action by Justin Richer, Antonio Sanso

Chapter 3. Building a simple OAuth client

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly