Aiyana Miller

1627860480

Sharing Posts with LinkedIn Part 4

In this video series, we will go through how we can share LinkedIn posts directly through your PHP script.

This series uses LinkedIn OAuth2 for authorization and post sharing.

#php #linkedin #oauth2

Aiyana Miller

1627819140

Creating User Interface - Part 3

In part 3 of the series Share with LinkedIn, we will go through how we can share LinkedIn posts directly through your PHP script.

This series uses LinkedIn OAuth2 for authorization and post sharing.

#linkedin #oauth2

Aiyana Miller

1627797300

Share with LinkedIn Part 2: Creating LinkedIn Application

In this video series, we will go through how we can share LinkedIn posts directly through your PHP script.

This series uses LinkedIn OAuth2 for authorization and post sharing.

#linkedin #oauth2

Aiyana Miller

1627740780

Share with LinkedIn - Introduction - Part 1

In this video series, we will go through how we can share LinkedIn posts directly through your PHP script.

This series uses LinkedIn OAuth2 for authorization and post sharing.

#linkedin #oauth2

Abigail Cassin

1625448812

Node.js - SEND Emails Using Nodemailer | Gmail | OAuth2

Hey guys and gurls. Here’s how to send emails using Node.js, nodemailer and Google’s Gmail API along with OAuth2 (no need for username or password). This is for sure a banger tutorial. Super easy to follow and of course a must-know for any web application.

Download Node.Js
https://nodejs.org/en/

NodeMailer
https://nodemailer.com/about/

Authorized Redirect URL
https://developers.google.com/oauthplayground

Google Cloud
https://cloud.google.com/

Source Code
https://rhymbil.netlify.app/

Until next time
RhymBil Out

#node #gmail #oauth2 #oauth

Sigrid Farrell

1623684420

Spring Security: Develop a REST-Service Secured With OAuth2, Bitbucket and JWT

How to use Spring Security to develop a REST-service secured with OAuth2, Bitbucket authorization server and JWT

We are going to develop a small REST-service secured using the OAuth2 protocol with Bitbucket as an authorization server. At first it may seem unusual to use a third-party authorization server, but imagine that you are developing a CI (Continuous Integration) server and would like to have access to the user’s resources (e.g. projects, repositories) in a version control system. For example, the same approach is used in Drone.io and Travis CI.

Theory

Implementation

#programming #jwt #spring-security #oauth2 #rest-service #develop a rest-service secured with oauth2, bitbucket and jwt

Fannie Zemlak

1623309882

How to Protect RESTful APIs with Quarkus OIDC and Auth0

Quarkus has great support for the OAuth 2 and OIDC protocols. In this post, we will explore how to protect RESTful APIs with Quarkus OIDC and Auth0.

Quarkus is well-known as a supersonic subatomic Java framework to build Kubernetes-friendly cloud native applications. In an earlier post we discussed how to secure RESTful APIs with Spring Security and Auth0; here we will implement the same functionality with the Quarkus OIDC extension.

Go to the Quarkus Start Coding page and make sure you have added these extensions: oidc, resteasy, resteasy-jackson, hibernate-validator, hibernate-orm-panache, jdbc-postgresql. Then generate a project skeleton as we have done in the former posts. Import the source code into your IDE.

Open the project pom.xml file; you should see the following dependencies. Add an extra Lombok dependency to clean up the POJOs.

<dependency>
    <groupId>io.quarkus</groupId>
    <artifactId>quarkus-oidc</artifactId>
</dependency>
<dependency>
    <groupId>io.quarkus</groupId>
    <artifactId>quarkus-resteasy</artifactId>
</dependency>
<dependency>
    <groupId>io.quarkus</groupId>
    <artifactId>quarkus-resteasy-jackson</artifactId>
</dependency>
<dependency>
    <groupId>io.quarkus</groupId>
    <artifactId>quarkus-hibernate-validator</artifactId>
</dependency>
<dependency>
    <groupId>io.quarkus</groupId>
    <artifactId>quarkus-hibernate-orm-panache</artifactId>
</dependency>
<dependency>
    <groupId>io.quarkus</groupId>
    <artifactId>quarkus-jdbc-postgresql</artifactId>
</dependency>
<dependency>
    <groupId>io.quarkus</groupId>
    <artifactId>quarkus-arc</artifactId>
</dependency>
<!-- Erase getters and setters -->
<dependency>
    <groupId>org.projectlombok</groupId>
    <artifactId>lombok</artifactId>
    <version>1.18.20</version>
    <optional>true</optional>
</dependency>

In this post we will focus on how to integrate Quarkus OIDC and Auth0. We do not plan to explain the development of the RESTful APIs; the details of the source code are very similar to the ones we have discussed in my introduction to Quarkus. Before jumping to the next steps, check out a copy of the source code of this post from my GitHub and explore it yourself.

#quarkus #oidc #oauth2 #auth0 #java

Vern Greenholt

1622182840

OAuth2 in Python

In this article, we’ll first look at what OAuth is. Then, we’ll use the OAuthLib and Requests libraries to implement OAuth2.

Objectives

By the end of this article, you will be able to:

  1. Explain what OAuth and OAuth2 are and how they can be used
  2. Describe the OAuth2 flow between a web client and server
  3. Implement OAuth2 via the Web Application Flow (also known as the Authorization Code Grant)

What is OAuth?

OAuth is a secure open protocol for authorizing users between unrelated services. Put another way, it enables one service to access resources hosted on other services without having to share user credentials, like username and password.

It’s all about delegation:

  1. One service (client) accesses resources from another service (resource server) on behalf of a user.
  2. The user does not have to share their credentials with the client.

Parties involved:

  1. Resource owner / user - the person who gives permission to access their protected resources hosted by a third-party provider
  2. Client - the web application acting on behalf of the user to access their resources hosted by a third-party provider
  3. Authorization server - the third-party server contacted by the client that displays a prompt for the user to authorize the client to act on the user’s behalf
  4. Resource server - the third-party server hosting the user’s protected resources

The authorization server and resource server may be the same entity.

OAuth2 is the latest version of the OAuth protocol used by services like Google, Spotify, Trello, and Vimeo, to name a few.

#python #oauth2 #oauth #security

Aron Lemke

1621838162

Secure an Angular SPA and an ASP.NET Core API using Auth0

This article shows how to implement an Angular single page application with an ASP.NET Core API and secured using the Open ID Connect code flow with PKCE and OAuth JWT Bearer tokens to protect the API. The identity provider is implemented using Auth0. The flow uses refresh tokens to renew the SPA session and the revocation endpoint is used to clean up the refresh tokens on logout.

Code: https://github.com/damienbod/Auth0AngularAspNetCoreApi

Setup

The solution consists of three parts: an ASP.NET Core API which would provide the data in a secure way, an Angular application which would use the data, and the Auth0 service which is used as the identity provider. Both applications are registered in Auth0 and the refresh tokens are configured for the SPA. The API can be used from the SPA application.

#angular #oauth2 #security #auth0 #dotnet core #aspdotnet core

Were Joyce

1621272180

Secures REST APIs with Spring Security 5 and Auth0

Spring Security 5 deprecated the original Spring Security OAuth module and rewrote the OAuth2/OIDC implementation, making it available as part of the core modules.

The OAuth protocol defines 4 roles: Resource Owner, Client, Authorization server and Resource server. Imagine you are using an app on your mobile: you (the Resource owner) authorize the app (which takes the Client role itself) to perform an authorization flow to get an access token from the authorization server, then it uses this token to interact with the protected resources (from the Resource server).

OIDC is an additional supplement that enriches the OAuth2 protocol. Spring Security 5 does not differentiate them explicitly at the API level or in configuration. And nowadays most OAuth2 compatible providers support the OIDC protocol.

If you are new to OAuth2 and OIDC, please check the official OAuth 2 docs and explore the OpenID Connect related specs. For impatient users, this introductory article from DigitalOcean is a good starting point.

With Spring Security 5, it is easy to set up the OAuth2 Client and Resource server roles in your applications. There is also another incubator project which allows you to serve a custom Authorization server. In a real-world application, I think it is a smart choice to choose a mature IDP service to simplify the integration work of multiple authentication services and advanced features, for example when you want to integrate Google accounts, Facebook, Twitter and custom username/password authentication, and enable two-phase authentication in your applications. Auth0 and Okta are the leading IDP services in this area; they provide an excellent administrative UI and rich SDKs for all use cases in your applications. In the open source world, Keycloak is widely used to host a custom authentication server.

According to the official Okta blog, Auth0 has joined the Okta family. I am a little afraid Auth0 will disappear like Stormpath. But the Okta guys declared that Auth0 will operate as a standalone brand.

In this post, we will use Auth0 in the authentication server role to simplify our development process.

To demonstrate the OAuth2 flow, we will first create a RESTful API application that acts as the Resource server. In a further post, we will create an Angular SPA client app to interact with this API backend.

There are plenty of tutorials provided on the official Auth0 docs page. Usually you can find the use cases that match your applications in these docs; go to the Backend API doc to go through the tutorial. In particular, there is a great tutorial for Spring Security 5.

First, register an Auth0 account if you don’t have one already, or log in using a social network account directly. After logging in, you will find Auth0 has created a development-purpose domain for you; it categorizes all resources for your new application.

In the dashboard UI, expand Applications/APIs in the left pane, and let’s create a new API application (the Resource server role in the OAuth2 protocol).

  • Click the Create API button to start the process.
  • Fill in the essential fields. The audience field is used to identify this API; it is recommended to fill in a URL-like value. For example, here I created a new API application named Backend API, and set the audience to https://hantsy.github.io/api.

Auth0 also provides an Auth0 Management API for you to access the Auth0 APIs, and for testing purposes, Auth0 also automatically created a Machine to Machine application which allows you to interact with your own APIs.

Next let’s create our Backend API application. Go to https://start.spring.io, fill in the required fields, select Maven as the build tool and Java as the language, then add the following dependencies:

  • Web Starter
  • Validation
  • Data JPA
  • Spring Security
  • Lombok

#spring #auth0 #oidc #oauth2 #spring-security

Dock Koelpin

1620631733

Integrating Auth0 Into Your Angular Applications

Auth0 provides an SDK for Angular to authenticate users and simply authorize users to access the protected APIs.

In this post, we will create a simple Angular SPA application and try to access the Backend API we have created in the last post.

First, let’s create a new application in the Auth0 management console. An application represents an OAuth2 Client role; each client should have a unique client id to identify it.

In the dashboard UI, expand Applications/applications in the left pane. Click the Create Application button to start the creation process.

  • For the application name, set a name for this new Angular application, e.g. I used spa here.
  • Then select Single page applications.
  • Click the Create button.

After it is created, open the Settings page; you will find that a Client ID and Client Secret have been generated on the page. In the Application URLs section, add http://localhost:4200 to the following fields.

  • Allowed Callback URLs
  • Allowed Logout URLs
  • Allowed Web Origins
  • Allowed Origins (CORS)

In the Quickstarts tab, Auth0 provides a series of tutorials to integrate Auth0 with the popular SPA frameworks, including Angular/React/Vue, etc.

I followed the official Angular Quickstart tutorial, but I refactored the project file structure according to the Angular Coding Style Guide, and ported the existing code from hantsy/angular-spring-reactive-sample to simplify the development work. The final source code can be found under my GitHub account.

For more details about creating this sample application step by step, please read the official Angular Quickstart tutorial.

For the implementation details of accessing Backend APIs, check this article I have published on Medium and this old Angular2 sample code.

Here we are going to introduce the details of integrating Auth0 Angular SDK.

#angular #auth0 #oauth2 #web-development #security

Ruthie Bugala

1619605540

Using Azure AD groups authorization in ASP.NET Core for an Azure Blob Storage

This post shows how Azure AD groups could be used to implement authorization for an Azure Blob storage and used in an ASP.NET Core Razor page application to authorize the identities. The groups are assigned the roles in the Azure Storage. Azure AD users are added to the Azure AD groups and inherit the group roles. The group ID is added to the claims of the tokens which can be used for authorization in the client application.

#.net #.net core #asp.net core #azure #oauth2 #security #azure ad

Discord Login System with Chrome Extensions(MV2) | OAuth2

If you need a secure login system for your Chrome Extension, but you don’t want to or don’t know how to create all of the necessary gear (authentication servers, databases…), you can use the OAuth2/OpenID Connect protocols (specifically OpenID Connect) to create one for you.

By delegating the authentication (different from authorization) of your login system to a secure, trusted login system like Discord’s, you can have a safe and secure system for your Chrome Extension up and running in no time.

We’ll first head on over to Discord’s Developer console to get ourselves an OAuth2 Client ID, then we’ll start building a login system.

For the code, check out my Medium article:
https://anobjectisa.com/?p=147

#discord #oauth2

Blair Kemmer

1616919303

Auth0 Authentication in Reactjs using OAuth2

In this video we will learn how to implement OAuth2 authentication in Reactjs using the Auth0 authentication provider. It uses OpenId that conforms to OIDC implementation. It is super simple to implement.
We will also authenticate our backend Nodejs express API using this library.

  • 00:00 Introduction
  • 00:48 Frontend Reactjs authentication
  • 17:40 Backend Nodejs express API authenticated requests
  • 42:20 Getting user info using Auth0 endpoint using access token

#oauth2 #developer #reactjs #auth0 #react

John David

1615987807

Federated Identity: An introduction to OAuth2, Open Id Connect & Identity Server 5 | Anthony Nguyen

Securing your application is bloody important. With so much jargon to sift through, it’s easy to get lost, for example there’s SSO, OAuth2, SAML 2.0, OpenID Connect, Federated Identity, 2FA, & MFA. Just to name a few! 😱

In this talk, Anthony will take an in-depth look at Federated Identity using OpenID Connect and the OAuth2 Framework for ASP.NET Core using Duende Identity Server (aka Identity Server 5). You will walk away knowing how to navigate the security options and avoid the madness.

About the Speaker:

https://www.ssw.com.au/people/anthony-nguyen

Anthony is the Solution Architect at SSW, a certified Scrum Master with experience delivering various types of Software Development projects ranging from custom ERP, CRM, HR and Payroll, Utilities (Telecom) and recording systems, CMS, Product Transformation and Cloud Transformation.

Starting off as Technical Support Engineer and moving on to be Full Stack Developer, Technical Lead/Evangelist, Technical Project Manager, Scrum Master and Solution Architect, Anthony has broad understanding of all aspects of IT and Software Development Life Cycle.

Some of Anthony’s recent career highlights:

  • Leading a team of up to 15 developers transforming a legacy client-server business guidance application into a cloud based solution.
  • Leading delivery of an in-house developed web-based ERP system of a 500 seats contact center.
  • Developed custom integrations for CRM, VOIP Recording, IVR and IP PBX system.
  • Has advised many Fintech companies on their applications and continues to be a highly respected consultant.

#oauth2 #security #developer
