Facebook’s OAuth problem
Last week, self-proclaimed web security evangelist Egor Homakov published a blog post entitled “How we hacked Facebook with OAuth2 and Chrome bugs”. Naturally this led to a new round of “OAuth 2.0 is...
A guide to OAuth grants
OAuth by its nature is a very flexible standard and can be adapted to work in many different scenarios. The core specification describes four authorisation grants: Authorisation code grant, Implicit grant...
Twitter’s official clients have their OAuth keys leak
Someone has posted a GitHub Gist with all of the client identifiers and secret keys for the official Twitter clients on various platforms. This just highlights why it is imperative that you don’t screw...
API driven development: eating your own dog food
On Tuesday I presented at the first ever PHP North East conference in Newcastle. Hosted in the fantastic Tyneside Cinema (which is the last surviving Newsreel theatre still operating as a cinema...
Easily integrate other OAuth 2.0 identity providers with PHP
One of the other PHP libraries I’ve been working on for Linkey is a PHP library that makes working with other OAuth 2.0 identity providers “stupidly easy”. I think I’ve done that and it’s time to announce...
OAuth 2.0 has won the 2013 European Identity Award
Mike Jones, author of the OAuth 2.0 bearer token specification and significant contributor to the OAuth 2.0 specification itself, has announced on his blog that OAuth 2.0 has won the 2013 European...
Project dissemination at the Internet Identity Workshop
Last week I was in San Francisco for the 16th Internet Identity Workshop to disseminate the Linkey project and engage with those in the online identity communities. The event was sponsored by many big...
OAuth 2.0 PHP Library
Throughout the Linkey project I’ve been working on a number of PHP libraries that aim to make working with OAuth 2.0 easier. The library is now at version 2.1, implements the entire core OAuth 2.0...
OAuth Case Study: A review into the uses of OAuth in higher education
The Linkey project has two main deliverables: Open source PHP libraries for OAuth 2.0 clients and servers. Our code has been available for some time and is discussed in a previous post. A case study,...
Podcast interview: Is OAuth 2 the Devil?
Alex Bilbie and Zackary Blank come on the show to talk about OAuth 2, which has been getting a lot of flamey bad press over the last year or two after the original author quit the project. Why these...