Chapter 3. Building a simple OAuth client

This chapter covers

  • Registering an OAuth client with an authorization server and configuring the client to talk to the authorization server
  • Requesting authorization from a resource owner using the authorization code grant type
  • Trading the authorization code for a token
  • Using the access token as a bearer token with a protected resource
  • Refreshing an access token

As we saw in the last chapter, the OAuth protocol is all about getting tokens to the client and letting the client use the access tokens to access protected resources on behalf of the resource owner. In this chapter, we’ll build a simple OAuth client, use the authorization code grant type to get a bearer access token from an authorization ...

Get OAuth 2 in Action now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.