What is OAuth 2.0 and How it Works

The evolution, mechanics, real-life applications, and advantages of the secure OAuth 2.0 framework.

https://lnkd.in/dSg2kwnj

#oauth2 #security #authentication

@deadsuperhero @dansup I could be mistaken, but it really seems like #OAuth2 and #OIDC are very similar... insomuch that when creating a single SSO plugin for one, I also created one for the latter.

Ughhhhhh, okay, there doesn't appear to be an actively maintained #OAuth2 client for #OCaml.

That's not currently a problem and won't be for a bit, but may require some work later.

🛟 Je galère à faire la partie authentification JWT de mon projet sandbox en Go. Je suis parti pour le faire à la main, mais je sens que *ça pue* et je préfèrerais utiliser une lib un peu "standard" ou de facto considérée comme telle (j'utilise go-chi). Je suis tombé sur `go-chi/oauth`, mais il n'a plus été mis à jour depuis 2021. Je viens de découvrir `go-chi/jwtauth` qui m'a l'air d'être la bonne pioche. Un avis / conseil ?

#golang #oauth2 #jwt #dev

@peterbak you can reach one of your office365 admin 😊
More seriously, this is probably linked to the fact that mail clients using #oauth2 can be whitelisted by admins (this was not possible with legacy password authentication and that was a security risk)
#manjaro #linux #microsoft #oauth2 #thunderbird

Seit Jahren habe ich unter #Manjaro #Linux Evolution als Email-Client genutzt, bis mir #Microsoft einen Strich durch die Rechnung gemacht hat. Beruflich bin ich auf outlook.office365 angewiesen. Seit der neuen Authentifizierung mit #OAuth2 kann ich weder mit Evolution noch mit #Thunderbird meine Outlook-Mails abrufen und werde aufgefordert, mich an einen Admin zu wenden. Hat da jemand eine Lösung?

#oauth2 troubleshooting tips https://learn.microsoft.com/en-us/connectors/custom-connectors/troubleshoot-oauth2#troubleshoot-the-oauth-flow

👋 In this post, you will learn 𝐡𝐨𝐰 𝐭𝐨 𝐚𝐝𝐝 𝐚𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐭𝐨 𝐲𝐨𝐮𝐫 𝐉𝐚𝐯𝐚 𝐒𝐩𝐫𝐢𝐧𝐠 𝐁𝐨𝐨𝐭 using OAuth2 with Authgear as the Identity Provider (IdP).

https://www.authgear.com/post/authentication-for-spring-boot-app-with-authgear-and-oauth2

#authentication #java #springboot #oauth2 #openid #OIDC

Rationalisez l'authentification de vos sites web avec #OAuth2 de manière simple grâce à OAuth2-Proxy. (2021)
https://bearstech.com/societe/blog/oauth2-proxy/

Resharing from Nov 2022: I put together a basic proof of concept for using existing #Mastodon installations as SSO for #Matrix, using #Synapse. Here's what the authentication and authorization flow for that looks like!

While Mastodon doesn't support #OpenlDConnect, #OIDC is just #OpenlD on top of #OAuth2.0. If your app allows configuring all URLS for your ldP you can use nearly any OAuth2.0 provider.

Avatars currently aren't supported via this (| added one) but can be!

https://blimps.xyz/@ceralor/109400447635352242

Is it just me, or is the only client side difference between an app #authentication #token and #oAuth2 that you have an extra user/password to remember and extra code to rotate the tokens whenever the server randomly decides to mess with you?

Somehow this doesn’t seem at all more #secure…

At work, we recently migrated to MS 365 for part of our email management and I discovered a tiny useful piece of software that simplifies for me the OAUTH2 based idiosyncratic system of Outlook and its friends.

A proxy now allows me to still use mutt, fetchmail, msmtp and exim to read and write emails.

https://github.com/simonrob/email-oauth2-proxy

#oauth2 #outlook #proxy

As I work with #OAuth2/#OIDC almost every day, this is pretty accurate. I will say that oauth2-proxy and/or #Keycloak can simplify a lot of this.
https://www.nango.dev/blog/why-is-oauth-still-hard
#OpenID

Started building a pet Strava project in #Go until I found the thing I wanted to fix was a toggle that they recently added.

Anyway, learned more about #oauth2 flows implementing some of this than I have since first hearing about it many many years ago.

Internet of Washing Machines Solves an Annoyance https://hackaday.com/2023/04/15/internet-of-washing-machines-solves-an-annoyance/ #washingmachine #NetworkHacks #homehacks #appliance #oauth2 #IoT

Internet of Washing Machines Solves an Annoyance - [Laurence Tratt]’s washing machine blew up, so he sprung for a brand new model wit... - https://hackaday.com/2023/04/15/internet-of-washing-machines-solves-an-annoyance/ #washingmachine #networkhacks #homehacks #appliance #oauth2 #iot

💼 Most big corporations use Microsoft to manage their employees email addresses.

🔑 If you are building an enterprise B2B app, you will definitely need to add Microsoft single-sign-on.

⚡️ Here's how you can do it: Watch episode 122 sign in with Microsoft OAuth - https://www.youtube.com/watch?v=3BNJ3G226_o

#rubyonrails #microsoft #oauth2 #azuredevops

Just a toot of appreciation for #GitLab and #oauth2-proxy - have finally realised my lifelong dream of an Active Directory auth bridge (via LDAP and Oauth2) for various WUIs that we vend to the rest of our organisation.

The main motivation is UX - often stakeholders request auth of some sort (mostly out of nerves), but you also don't want to burden them with signing up for yet another account, which is distinct from their org identity.

Such great, (largely) open source tech enabling delight!

My good friend and colleague @PalmEmanuel@twitter.com just released a new blog post, and as always it's quite amazing. Everything there is to know about #OAuth2.0 in #Azure. And I truly mean _everything_!
https://pipe.how/connect-azure/

I finally fully set up an #EMailClient on my computer. (I say fully since I had this set up for some time now but only for a subset of my accounts.) For better or worse, it's #Thunderbird; I preferred #Sylpheed or #ClawsMail but I couldn't get #OAuth2 to work while using them. Which is a danged shame, frankly.

Heck, I would have preferred #Pine or #Alpine, even, given how lightweight and super fast their text-based interfaces work, but given the trouble I've had I've concluded I basically need to do with OAuth2 the authentication analogue of having to hand-pollinate plants because of a lack of insect pollinators.