Implementation Example: End-User Experience

No matter which development implementation example you chose—PHP or Python—the experience for the end user is the same.

During the first phase of the OAuth 2 process, the end user is forwarded to the provider site, where she can log in (unless she is already signed in) and accept the application permissions, much like what we’ve seen in our Facebook examples and what is shown in Figure 9-16.

Figure 9-16. Facebook OAuth 2 application authorization screen

Generally, a provider will display any number of the following pieces of information on the permissions page:

  • The application title, defined by the application creator.

  • A description of what the application will do, defined by the application creator.

  • A chosen thumbnail (usually, a company or product logo), defined by the application creator.

  • Details on the type of protected information the application is requesting access to. The application creator generally selects the permissions, but the provider defines the specific text that is displayed to the end user.

  • Links to a privacy policy or methods for revoking access for the application, defined by the provider.

On this permissions screen, the end user will generally have two options:

  • She can allow the application to access her protected information and perform actions on her behalf. When she accepts these permissions, she will be forwarded to the ...
