Learning about OAuth2 Server.

 OAuth2.0. is the authorization protocol used for authorization not authentication.

Case: User wants to access some resources (Client to server communication) 

- Step 1: hit url abc.xyz.com (this url is protected and any resources in it requires auth)
- Step 2 (Authentication part done by spring security not oauth2): URL triggers login page to first validate who the user is.
- Step 3: User authenticates and return the access code to the client (which is requesting resource).
- Step 4: Now client have the access code, client will hit authorization server with the access code, and authorization server return access token.
- Step 5: Now client have the access token, it takes the token to the resource server to get the resource.

WHY NEED ACCESS CODE AND WHY NOT DIRECTLY ACCESS TOKEN???

 - As the user is anom

Comments

Post a Comment

Popular posts from this blog

Kubernetes terms made easy

when we have docker compose and we can define rules to run our containerized applications over there ... so why do we need k8s...? Well we can certainly manage very small containers... but handling large scale applications through this will certainly be a nightmare... Because ... large apps will need to scale automatically.. and docker compose requires manual intervention and scripting .. ahhh who will re invent the wheel... Let's k8s do this... Now when we know the importance of k8s .. we have to learn it's core components and it's architecture level working... k8$ environment have a company named ... control pane .. who is responsible for managing and running kubernetes clusters ....  This company, named control pane.. have a CEO.. named, API Server ...I wasn't talking about the actual CEO of kubernetes 😅... just an analogy... Every one discuss there matters with API server ... and api server talks to everyone ... It's kind of a brain of the company...  Next come...
Read more

Anomalies in Database

Anomaly is a fault which occurs in the poorly designed database , which leads to inconsistent, redundant and inefficient data. There are three kind of anomalies: - Insertion anomaly - Updation anomaly - Deletion anomaly Insertion Anomaly It occurs when we want to insert a particular kind of data, let's say Data#1, but due to the absence of a certain data, let's say Data#2, we were unable to add. Example If we have only one table for saving student and course, named std_course. We won't be able to add the new course until, we have the student information. std_course Table  Student_ID Student_Name Course Instructor Instructor_Contact 101 Ali DBMS Mr. Khan 123456789 102 Ahmed OS Mr. Ahsan 987654321 Suppos...
Read more