Implementing a 2 Legged OAuth Provider

Question

I'm trying to find my way around the OAuth spec, its requirements and any implementations I can find and, so far, it really seems like more trouble than it's worth because I'm having trouble finding a single resource that pulls it all together. Or maybe it's just that I'm looking for something more specialized than most tutorials.

I have a set of existing APIs--some in Java, some in PHP--that I now need to secure and, for a number of reasons, OAuth seems like the right way to go. Unfortunately, my inability to track down the right resources to help me get a provider up and running is challenging that theory. Since most of this will be system-to-system API usage, I'll need to implement a 2-legged provider. With that in mind...

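  1. Does anyone know of any good tutorials for implementing a 2-legged OAuth provider using PHP?
  2. Given that I have securable APIs in 2 languages, do I need to implement a provider in both, or is there a way to create the provider as a "front controller" that I can funnel all requests through?
  3. When securing PHP services, for example, do I have to secure each API individually by including the requisite provider resources on each?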

Thanks for your help.

Recommended answer

I would take a step back and think about what a properly authenticated client is going to be sending you.

Can you store the keys and credentials in a common database which is accessible from both sets of services, and just implement the OAuth provider in one language? When the user sends in a request to a service (PHP or Java) you then check against the common store. When the user is setting up the OAuth client then you do all of that through either a PHP or Java app (your preference), and store the credentials in the common DB.

There are some OAuth providers written in other languages that you might want to take a look at:

  • PHP - http://term.ie/oauth/example/ (see bottom of page)
  • Ruby - http://github.com/mojodna/sample-oauth-provider
  • .NET - http://blog.bittercoder.com/PermaLink,guid,0d080a15-b412-48cf-b0d4-e842b25e3813.aspx
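
As an added example (not from the original answer or the linked projects), this is the per-request check the answer describes, assuming OAuth 1.0 with HMAC-SHA1 (RFC 5849): look up the consumer secret in the common store, recompute the signature, and reject stale or replayed requests. The function names, the arrays standing in for the common database and nonce table, the 300-second window and the sample request are all assumptions.

```php
<?php
// Constructed stand-in for the common credential store (consumer key => secret).
// In the answer's design this is one database read by both the PHP and Java services.
$store = ['demo-consumer-key' => 'demo-consumer-secret'];

// RFC 5849 signature base string. Assumes $url is already normalized (no query
// string) and that no parameter name is repeated.
function oauthBaseString(string $method, string $url, array $params): string {
    unset($params['oauth_signature']);            // the signature never signs itself
    $enc = [];
    foreach ($params as $k => $v) {
        $enc[rawurlencode((string)$k)] = rawurlencode((string)$v);
    }
    ksort($enc, SORT_STRING);                     // byte-order sort on encoded names
    $pairs = [];
    foreach ($enc as $k => $v) {
        $pairs[] = $k . '=' . $v;
    }
    return strtoupper($method) . '&' . rawurlencode($url) . '&' . rawurlencode(implode('&', $pairs));
}

// 2-legged: there is no token, so the token-secret half of the HMAC key is empty.
function oauthSign(string $base, string $secret): string {
    return base64_encode(hash_hmac('sha1', $base, rawurlencode($secret) . '&', true));
}

function verifyTwoLegged(string $method, string $url, array $p, array $store, array &$seen, int $now): bool {
    foreach (['oauth_consumer_key', 'oauth_signature', 'oauth_timestamp', 'oauth_nonce'] as $f) {
        if (!isset($p[$f]) || !is_string($p[$f])) return false;
    }
    if (($p['oauth_signature_method'] ?? '') !== 'HMAC-SHA1') return false;
    $secret = $store[$p['oauth_consumer_key']] ?? null;
    if ($secret === null) return false;                              // unknown consumer
    if (abs($now - (int)$p['oauth_timestamp']) > 300) return false;  // stale timestamp
    $expected = oauthSign(oauthBaseString($method, $url, $p), $secret);
    if (!hash_equals($expected, $p['oauth_signature'])) return false; // constant-time compare
    $id = $p['oauth_consumer_key'] . '|' . $p['oauth_timestamp'] . '|' . $p['oauth_nonce'];
    if (isset($seen[$id])) return false;                             // replayed nonce
    $seen[$id] = true;            // recorded only after the signature checked out
    return true;
}

// Constructed request, signed the way a client holding the secret would sign it.
$url = 'https://api.example.com/v1/orders';
$req = ['status' => 'open', 'oauth_consumer_key' => 'demo-consumer-key',
        'oauth_signature_method' => 'HMAC-SHA1', 'oauth_timestamp' => '1700000000',
        'oauth_nonce' => 'n-0001', 'oauth_version' => '1.0'];
$req['oauth_signature'] = oauthSign(oauthBaseString('GET', $url, $req), 'demo-consumer-secret');
$seen = [];
var_dump(verifyTwoLegged('GET', $url, $req, $store, $seen, 1700000010)); // first delivery
var_dump(verifyTwoLegged('GET', $url, $req, $store, $seen, 1700000010)); // same nonce again
```

For replay protection to hold across both sets of services, the seen-nonce record has to live in the common store as well, not in per-process memory as it does here.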
