| 基于OAuth2.0 的认证授权技术 |
| |
| 引用本文: | 时子庆,刘金兰,谭晓华.基于OAuth2.0 的认证授权技术[J].计算机系统应用,2012,21(3):260-264. |
| |
| 作者姓名: | 时子庆 刘金兰 谭晓华 |
| |
| 作者单位: | 1. 天津大学管理与经济学部,天津,300072
2. 天津大学机械学院,天津,300072 |
| |
| 摘 要: | 开放平台的核心问题是用户验证和授权问题,OAuth是目前国际通用的授权方式,它的特点是不需要用户在第三方应用输入用户名及密码,就可以申请访问该用户的受保护资源。OAuth最新版本是OAuth2.0,其认证与授权的流程更简单、更安全。研究了OAuth2.0的工作原理,分析了刷新访问令牌的工作流程,并给出了OAuth2.0服务器端的设计方案和具体的应用实例。
|
| 关 键 词: | 开放平台 开放API 用户认证和授权 OAuth2.0协议 OAuth Server |
| 收稿时间: | 2011/7/13 0:00:00 |
| 修稿时间: | 2011/8/21 0:00:00 |
Authentication and Authorization Technique Based on OAuth2.0 |
| |
| SHI Zi-Qing,LIU Jin-Lan and TAN Xiao-Hua.Authentication and Authorization Technique Based on OAuth2.0[J].Computer Systems& Applications,2012,21(3):260-264. |
| |
| Authors: | SHI Zi-Qing LIU Jin-Lan and TAN Xiao-Hua |
| |
| Affiliation: | 1.School of Management, Tianjin University, Tianjin 300072, China; 2.School of Mechanical Engineering, Tianj in University, Tianjin 300072, China) |
| |
| Abstract: | The essential problem of open platform is the validation and authorization of users. Nowadays, OAuth is the international authorization method. Its characteristic is that users could apply to visit their protected resources without the need to enter their names and passwords in the third application. The latest version of OAuth is OAuth2.0 and its operation of validation and authorization are simpler and safer. This paper investigates the principle of OAuth2.0, analyzes the procedure of Refresh Token and offers a design proposal of OAuth2.0 server and specific application examples. |
| |
| Keywords: | open platform open API authentication and authorization OAuth2 0 protocol OAuth server |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机系统应用》浏览原始摘要信息 |
|
点击此处可从《计算机系统应用》下载全文 |
|
