Application Security with OAuth 2.0 and OpenID Connect Год выпуска: 2024 Производитель: Udemy Сайт производителя: https://www.udemy.com/course/application-security-with-oauth-2-and-openid Автор: Vardan Matevosian Продолжительность: ~4h14m Тип раздаваемого материала: Видеоурок Язык: Английский Описание: Unlock the essentials of application security with the comprehensive online course, "Getting Started with Application Security: OAuth 2.0 & OpenID." Designed for beginners and those looking to deepen their knowledge, this course equips you with the foundational principles of OAuth 2.0 and OpenID Connect. Who should take this course? Developers who are integrating OAuth 2.0 and OpenID Connect into their applications and need to understand both theory and practice. IT professionals seeking to enhance their knowledge of securing API endpoints and authentication mechanisms. Cybersecurity students or professionals wanting to learn about modern authentication techniques and security vulnerabilities. Beginners with no prior experience in OAuth 2.0 or OpenID who want a structured and comprehensive introduction to these technologies. What practical skills will I gain? You'll take on the role of an attacker to simulate logging in as a regular user, while also learning how to prevent attackers from accessing user profiles and obtaining protected user data. You’ll learn how to configure different OAuth 2.0 flows, including the Authorization Code Flow, Implicit Flow, Client Credentials Flow, and more. The course provides a deep dive into understanding and using tokens (access tokens, ID tokens, and refresh tokens). You'll understand how to secure your applications by implementing PKCE (Proof Key for Code Exchange).
Содержание
04:01 05:25 The Authentication and Authorization Framework 08:57 Resource Owner Password Credentials Flow 19:11 Get an access token using Resource Owner Password Credentials flow in Postman 2 вопросов Resource Owner Password Credentials flow 1 вопрос Implicit flow 20:55 Obtain the access token and user data using the access_token using Implicit flow 1 вопрос Implicit flow 1 вопрос 11:30 Client Credentials flow 1 вопрос Client Credentials flow 2 вопросов Authorization Code Flow 44:18 Authorization Code flow 1 вопрос Authorization Code flow 1 вопрос Authorization Code Flow with PKCE 12:34 Authorization Code flow with PKCE 1 вопрос Authorization Code flow with PKCE 2 вопросов Acting like a hacker and preventing Authorization Code Injection 32:21 Authorization Code Injection 1 вопрос Authorization Code Injection 2 вопросов OpenId Connect Protocol (OIDC) 17:24 Differences Between JWT and Opaque Tokens 14:15 04:35 Best Practices and additional learning resources 02:23
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
![[Quote]](./templates/default/images/lang/en/icon_quote.gif "Reply with quote"){kind=icon}
![[Profile]](./templates/default/images/lang/en/icon_profile.gif "View user's profile"){kind=icon}
![[PM]](./templates/default/images/lang/en/icon_pm.gif "Send private message"){kind=icon}
