Getting Started with OAuth 2.0
Programming clients for secure web API authorization and authentication
Publisher: O'Reilly Media
Final Release Date: February 2012
Pages: 82

Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application.

Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.

  • Understand OAuth 2.0’s role in authentication and authorization
  • Learn how OAuth’s Authorization Code flow helps you integrate data from different business applications
  • Discover why native mobile apps use OAuth differently than mobile web apps
  • Use OpenID Connect and eliminate the need to build your own authentication system
Table of Contents
Product Details
About the Author
Recommended for You
Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews
oreillyGetting Started with OAuth 2.0
 
3.6

(based on 8 reviews)

Ratings Distribution

  • 5 Stars

     

    (3)

  • 4 Stars

     

    (1)

  • 3 Stars

     

    (3)

  • 2 Stars

     

    (0)

  • 1 Stars

     

    (1)

75%

of respondents would recommend this to a friend.

Pros

  • Easy to understand (7)
  • Accurate (4)
  • Concise (4)
  • Helpful examples (4)
  • Well-written (3)

Cons

  • Not comprehensive enough (3)

Best Uses

  • Intermediate (4)
  • Novice (4)
  • Student (3)
    • Reviewer Profile:
    • Developer (5)

Reviewed by 8 customers

Sort by

Displaying reviews 1-8

Back to top

 
1.0

Got the concepts right, poorly written

By Sonny

from Waltham MA

About Me Designer, Developer, Educator

Pros

  • Easy to understand

Cons

  • Badly Done Examples
  • Difficult to understand
  • Too many errors

Best Uses

    Comments about oreilly Getting Started with OAuth 2.0:

    I wanted to like this book quite badly because there is SO much bad information on OAuth, including the Google pages. The main problem has been the excruciating lack of clearly done examples. Code stubs are all well and good, but it is not clear what type of OAuth to use (sserver/implicit--one thing made clear in this book). I got mightly irritated while going through one example on this book ("Step-by-step" in the server-side-application flow). The annoying part is that there are a zillion PHP code samples here, and none of them are really labeled. Is the code after "Here's what the PHP code may look like:" tasks_response.php or oauth_response.php? Or neither? No idea. Appears to be written for insiders. And for that, I don't need this book. Atrocious.

     
    3.0

    Premature now outdated

    By per.lauge

    from Denmark

    Verified Buyer

    Pros

    • Easy to understand
    • Well-written

    Cons

    • Premature

    Best Uses

      Comments about oreilly Getting Started with OAuth 2.0:

      Some guesswork is used before the standard was defined, that means the code examples use HTTP when only HTTPS is allowed.

       
      3.0

      Good overview but superficial

      By Bassman

      from Munich, Germany

      About Me Security

      Verified Buyer

      Pros

      • Easy to understand

      Cons

      • Not comprehensive enough

      Best Uses

      • Novice
      • Student

      Comments about oreilly Getting Started with OAuth 2.0:

      I wanted to learn about OAuth and having read the book I have a better understanding what it is about. It's a much better ead than the specification. The description is quite superficial in some points and I'd prefer to have some more concrete examples.

      If you need to get the idea it's recommended. If you need to write code for it you'll need more in-depth info.

       
      4.0

      Good for beginners

      By raulmercadox

      from Lima, Peru

      About Me Developer

      Verified Buyer

      Pros

      • Accurate
      • Concise
      • Easy to understand
      • Helpful examples
      • Well-written

      Cons

      • Not comprehensive enough

      Best Uses

      • Novice

      Comments about oreilly Getting Started with OAuth 2.0:

      I wanted to know about OAuth 2.0 because I was totally new with this technology. This books is a great first step in this way, but I had to look for complimentary information to fully understand the different profiles mentioned in the book. I found a video in Oreilly which helped me a lot in issue. Then I returned to the book and the rest was so easy to understand. Highly recommended but preferable with complimentary material.

      (3 of 3 customers found this review helpful)

       
      3.0

      Useful but badly written

      By enrico

      from Rome, Italy

      About Me Developer, Educator

      Verified Reviewer

      Pros

      • Less Useless Than Other

      Cons

      • Difficult to understand
      • Not comprehensive enough

      Best Uses

      • Intermediate

      Comments about oreilly Getting Started with OAuth 2.0:

      For me, and probably most people, Oauth was very difficul to understand. The specs and info material available did not help. That's why this book is useful: less useless than the other useless stuff. This may cause some geeks not to notice that it is badly written: verbose but not clear, ambiguous use of terminology, examples in some area are not complete. Given the quality of other information material I have bought and recommend buying this badly written book.

      (1 of 1 customers found this review helpful)

       
      5.0

      Good introduction to OAuth 2.0

      By Lola

      from Kitchener, ON

      Verified Reviewer

      Pros

      • Accurate
      • Concise
      • Easy to understand
      • Helpful examples

      Cons

        Best Uses

        • Expert
        • Intermediate
        • Novice
        • Student

        Comments about oreilly Getting Started with OAuth 2.0:

        Getting Started With OAuth 2.0, by Ryan Boyd, provides an introduction to the latest version of the OAuth protocol. The author starts off by exploring the origins of OAuth, along with its importance, and why developers should care about it.

        The bulk of this book involves a discussion of the various authorization flows that developers will need to consider when developing applications that will incorporate OAuth to manage user access and authorization.

        The author explains in detail which flow is appropriate to use based on the application being developed, as well as how to implement each type with step-by-step examples. Note that the examples in the book are focused on the Google and Facebook APIs. Personally, I would have liked to see some examples with the Twitter API as well.

        In addition to that, the author also discusses security considerations, error handling (what is returned if the access request fails), and access tokens (when are access tokens refreshed, and how access can be revoked).

        This book provides a good starting point for those developers looking to understand what OAuth is and how they can leverage it within their own applications. The book wraps up with a list of tools and libraries that are available to further assist the developer in exploring the OAuth APIs. I highly recommend this book as a must-read for developers at all levels that have not yet been exposed to OAuth.

        (1 of 2 customers found this review helpful)

         
        5.0

        A must read book

        By Hari K T

        from Calicut, Kerala, India

        About Me Developer, Reviewer, Writer

        Verified Reviewer

        Pros

        • Accurate
        • Concise
        • Easy to understand
        • Helpful examples
        • Well-written

        Cons

          Best Uses

          • Intermediate
          • Novice
          • Student

          Comments about oreilly Getting Started with OAuth 2.0:

          This is an awesome book. The author knows what he is saying. When you read the book, you can know how much knowledge he has.
          Shows examples in PHP, Javascript and HTML. PHP is not that much hard, anyone with basic understanding of programming will understand easily. So the book suits to any developer. The book doesn't include or teach you how you can create your own oauth server.

          (1 of 1 customers found this review helpful)

           
          5.0

          Informative for OAuth2.0 core

          By hu

          from Tokyo, Japan

          About Me Developer

          Verified Reviewer

          Pros

          • Accurate
          • Concise
          • Easy to understand
          • Helpful examples

          Cons

            Best Uses

            • Intermediate

            Comments about oreilly Getting Started with OAuth 2.0:

            Each profile of OAuth2.0 spec is explained more precisely than the OAuth2.0 specification and the readers could understand not only the core features but also when each authorization flow should be used or not. The advantage and disadvantage are also introduced. The sample messages of requst/response and the sample codes are also helpful for better understanding of readers. The explanation of the extension API of Google OAuth2.0 server is also useful to grasp the actual available functions for the moment.
            Concerning diagrams showing authorization flow, this book uses same thing with OAuth2.0 spec, some of beginner may take time to understand the actual flow. And authorization server processing like how to create secure authorization code and access token isn't explained at all. I hope such a authorization server aspect is also described in next revised vesion.

            Displaying reviews 1-8

            Back to top

             
            Buy 2 Get 1 Free Free Shipping Guarantee
            Buying Options
            Immediate Access - Go Digital what's this?
            Ebook: $19.99
            Formats:  ePub, Mobi, PDF
            Print & Ebook: $25.29
            Print: $22.99