A simple PHP LinkedIn OAuth 2.0 example
Uploaded by mattia-reggiani
![Page 1: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/1.jpg)
Project for the course SECURITY OF SERVICE-ORIENTED ARCHITECTURES
A simple PHP LinkedIn OAuth 2.0 example
Student: M. Reggiani 826163
Instructor: E. Damiani
Academic Year 2013/2014
![Page 2: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/2.jpg)
Entities OAuth 2.0
Entities: Authorization Server, Resource Server, Application, User Agent (web browser)
Diagram labels: Authorization Request, Token Request, Access Request
![Page 3: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/3.jpg)
Register App (1)
![Page 4: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/4.jpg)
Register App (2)
![Page 5: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/5.jpg)
Register App (3)
![Page 6: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/6.jpg)
Sequence Diagram
![Page 7: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/7.jpg)
App’s frontpage (1)
![Page 8: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/8.jpg)
App’s frontpage (2)
![Page 9: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/9.jpg)
User Grants Access (1)
![Page 10: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/10.jpg)
User Grants Access (2)
HTTP/1.1 302 Found
Location: http://localhost/profile.php?state=dks3FdGb4&code=AQQHlgbnkBq64NrVpWLrisElxVn5m2F1pE74Zp0aMK0T9ZunrV198
![Page 11: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/11.jpg)
Access Token request
POST /uas/oauth2/accessToken?grant_type=authorization_code&client_id=77q2gxr3kb8cxh&client_secret=zrkIf3DMynUNjg9u&code=AQQHlgbnkBq64NrVpWLrisElxVn5m2F1pE74Zp0aMK0T9ZunrV198&redirect_uri=http%3A%2F%2Flocalhost%2FSOASec%2Fprofile.php HTTP/1.1
Host: www.linkedin.com
![Page 12: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/12.jpg)
Access Token response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8

{
  "access_token": "2YotnFZFEjr1zCsidfrrs32scMWpAA",
  "expires_in": 3600
}
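An added example (not code from the original slides) of how the profile.php callback could check the `state` value returned in the redirect before exchanging the `code` for a token. The function names, the session key and the sample values are assumptions, as is sending the token parameters in the POST body, which is what RFC 6749 specifies, rather than in the query string shown on the slide.

```php
<?php
declare(strict_types=1);
// Added example; function names and sample values are hypothetical/constructed.

// Front page: bind the authorization request to this browser session.
function new_state(array &$session): string
{
    return $session['oauth_state'] = bin2hex(random_bytes(16));
}

// profile.php callback: release the code only when state matches; state is single-use.
function code_from_callback(array $query, array &$session): string
{
    $expected = $session['oauth_state'] ?? '';
    unset($session['oauth_state']);
    $got = $query['state'] ?? '';
    if ($expected === '' || !is_string($got) || !hash_equals($expected, $got)) {
        throw new RuntimeException('state mismatch, callback rejected');
    }
    $code = $query['code'] ?? null;
    if (!is_string($code) || $code === '') {
        throw new RuntimeException('callback carries no authorization code');
    }
    return $code;
}

// Token request parameters as a form-encoded POST body (RFC 6749 section 4.1.3),
// which keeps client_secret and code out of the request URI.
function token_request_body(string $code, string $id, string $secret, string $redirect): string
{
    return http_build_query([
        'grant_type' => 'authorization_code', 'code' => $code,
        'redirect_uri' => $redirect, 'client_id' => $id, 'client_secret' => $secret,
    ]);
}

// Constructed demo: a matching callback, then a replay of the same URL.
$session = [];
$callback = ['state' => new_state($session), 'code' => 'CONSTRUCTED_CODE'];
$code = code_from_callback($callback, $session);
echo token_request_body($code, 'CLIENT_ID', 'CLIENT_SECRET', 'http://localhost/profile.php'), "\n";
try {
    code_from_callback($callback, $session);
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
```

In a real page `$session` would be `$_SESSION` and `$query` would be `$_GET`; the replayed callback is rejected because the stored state is consumed on first use.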
![Page 13: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/13.jpg)
Resources request using Token
GET /v1/people/~:(first-name,last-name,headline,positions,picture-url,skills,languages,educations,certifications)?format=json&oauth2_access_token=2YotnFZFEjr1zCsidfrrs32scMWpAA HTTP/1.1
Host: api.linkedin.com
![Page 14: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/14.jpg)
Resources response
![Page 15: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/15.jpg)
Resources response (PI.php)
![Page 16: A simple PHP LinkedIn OAuth 2.0 example](https://reader035.fdocuments.us/reader035/viewer/2022062308/5592bdd21a28ab0d418b4632/html5/thumbnails/16.jpg)
Conclusion
- Easy to code, to implement, to use
- Flexible
- Provides secure authorization for the end user
- Supports scopes for granular member permissions
- No password in API calls
- 3rd parties don't have access to the password
- Token:
  - can be revoked
  - can be time limited
  - can be refreshed
  - short-lived