March 2017
Intermediate to advanced
360 pages
10h 44m
English
This chapter covers
In the previous chapter, we reviewed common attacks against OAuth clients. Now it’s time to see how to protect a resource server and defend against common attacks targeting OAuth protected resources. In this chapter, we’re going to learn how to design resource endpoints to minimize the risk of token spoofing and token replay. We’ll also see how we can leverage modern browsers’ protection mechanisms to make the designer’s life easier.
Read now
Unlock full access