LOG IN
Find MentorsFind FreelancersCommunity PostBlog
SIGN UP
LOG IN
Codementor Events
Nitish Chauhan
Follow
Senior Software Engineer with 4+ years of experience

How OAuth 2 works ?

Published Jul 12, 2022
How OAuth 2 works ?

What is OAuth 2.0?

It is a protocol for Authorization.
The client (web app, mobile client, etc) will fetch info about a user from a resource owner using access token provided by a resource authorization server upon successful consent/approval from resource owner or the user.

Here, there are 4 main players:

  1. Resource Owner: An entity capable of granting access to a protected resource. In our case, it will be the end user.

  2. Resource server: The server hosting the protected resources, capable of accepting and responding to protected resource requests using access tokens provided by client which is received upon successful consent from user.

  3. Client: Application which is querying resource server for specific resources about user. User interacts with this service.

  4. Authorization Server: The server which issues access tokens to the client after successfully authenticating the resource owner and obtaining authorization.

OAuth 2.0 Flow

Screen Shot 2022-07-12 at 10.23.43 PM.png

1. User interacts with Client and upon requesting of any resource type (user can sign in, request to access photos, etc), client will make a call to that resourse type owner Auth server. The Client will provide following info to Auth server:

  • Client id: for identification purpose
  • Callback URL / Redirect URL: URL at which Auth server will redirect the state with a access token. Callback URL view/controller is hosted by Client only.
  • Scope: what info does the client wants from resource server

2. User will be shown a consent screen where she/he needs to sign in using auth creds on specific resource type auth page.

3. Upon sucessfull authorisation, Auth service will redirect the flow to callback URL view with "Access token".

4. The above token now can be used by client to request resources from Resource server (according to scope passed in 1st step). This access token can expire for different cases such as:

  • User changes his/her Auth creds
  • Token is old and expired
  • Someone revoked our Client to access Resource server

5. This is the overall flow for OAuth 2.0 Authorisation protocol

References

Hope you find this post useful. Please provide feedback for the same.
Thank you.

Back endOauth 2.0ProgrammingPythonOauth
Report

Enjoy this post? Give Nitish Chauhan a like if it's helpful.

1
post comments
Nitish Chauhan
Senior Software Engineer with 4+ years of experience
**I have extensive experience of working with backend technologies, system design, API design, and databases.** I have expertise in Python language. Have worked with frameworks such as Django & Flask. Have worked with databases s...
Follow
Discover and read more posts from Nitish Chauhan
get started
post commentsBe the first to share your opinion
MarkdownGitHub flavored markdown supported
submit
Show more replies