July 2017
Beginner to intermediate
340 pages
7h 43m
English
OAuth2 is a widely adopted standard that secures web applications and their interactions with users and other web applications, and yet it's hard to understand because it's based on many RFCs that are quite complicated to grasp fully.
The core idea of OAuth2 is that a centralized service is in charge of authenticating a caller, and can grant some access in the form of codes or tokens; let's call them keys. Those keys can be used by users or services to access a resource, as long as the service providing that resource accepts that key.
That's what we've used in Chapter 4, Designing Runnerly, to build the Strava microservice. The service interacts with the Strava API on behalf of the users after it was granted access via ...
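As an added illustration (not code from the book), here is a minimal Python sketch of the core idea described above: a central token service hands out a signed key, and a resource service decides whether to accept it. The shared HMAC secret, the claim names, the `strava-service` audience value and the `issue_token`/`accept_token` functions are assumptions made for this sketch; it is not the OAuth2 wire protocol itself.

```python
import base64, hashlib, hmac, json, time

# Assumption: token service and resource service share this secret (constructed value).
SHARED_SECRET = b"constructed-demo-secret"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(user, audience, scopes, ttl=300, now=None):
    """Token service: after authenticating `user`, hand out a signed key."""
    now = time.time() if now is None else now
    claims = {"sub": user, "aud": audience, "scope": sorted(scopes), "exp": now + ttl}
    payload = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(SHARED_SECRET, payload.encode(), hashlib.sha256).digest()
    return payload + "." + _b64(sig)

def accept_token(token, audience, required_scope, now=None):
    """Resource service: return the claims if the key is acceptable, else None."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".")
        expected = hmac.new(SHARED_SECRET, payload.encode(), hashlib.sha256).digest()
        # Verify the signature (constant-time) before trusting anything in the payload.
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        claims = json.loads(_unb64(payload))
    except (ValueError, TypeError):
        return None  # malformed token
    if claims.get("exp", 0) <= now:
        return None  # expired key
    if claims.get("aud") != audience:
        return None  # key was issued for a different resource service
    if required_scope not in claims.get("scope", []):
        return None  # key does not grant the requested access
    return claims
```

The resource service never sees the user's credentials; it only checks that the key was signed by the token service, is still valid, and was issued for it with the needed scope.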