WSO2Con ASIA 2016: Securing APIs: How, What, Why, When
-
Upload
wso2-inc -
Category
Technology
-
view
596 -
download
1
Transcript of WSO2Con ASIA 2016: Securing APIs: How, What, Why, When
Authorization: Digest username="prabath", realm="cute-cupcakes.com", nonce="1390781967182:c2db4ebb26207f6ed38bb08eeffc7422", uri="/recipe", cnonce="MTM5MDc4", nc=00000001, qop="auth", response="f5bfb64ba8596d1b9ad1514702f5a062", opaque="F5288F4526B8EAFFC4AC79F04CA8A6ED"
HTTP/1.1 401 UnauthorizedWWW-Authenticate: Digest realm="cute-cupcakes.com", qop="auth”, nonce="1390781967182:c2db4ebb26207f6ed38bb08eeffc7422", opaque="F5288F4526B8EAFFC4AC79F04CA8A6ED"
OAuth•
•–
•–
•––
•–––
-
POST /introspection HTTP/1.1Accept: application/x-www-form-urlencodedHost: server.example.comAuthorization: Basic czZCaGRSa3F0Mzo3RmpmcDBaQnIxS3REUmJuZlZkbUl3
token=X3241Affw.4233-99JXJ&resource_id=…
{ "active": true, "client_id":"s6BhdRkqt3", "scope": "read write dolphin", "sub": "2309fj32kl", "aud": http://example.org/protected-resource/*}
•
•
•
•
•
•
•
•• : ,