OAuth 2¶
- TODO: Introduction and a better description
Now and example of how the OAuth 2 interation look like:
-
Get (ussually) Manually
client_id
client_secret
-
Sent User over OAuth Client:
GET: provider.com/oauth/authorize?
client_id
redirect_uri
-
Web ask for permission \(yes\) or \(no\)
-
Re-direct to the uri:
GET: clietn.com/oauth_accept?
code: foobahz
-
Issue access token
POST: provider.com/oauth/access_token
code: foobahz
client_id: foo
client_secret: bar
-
Get access token \(Result:\)
{'access_token' : 'bazfoobahz'}
-
Can do alll user will do
GET: /user/me/friends
access_token: bazfoobahz
-
Response \(Result:\)
{'friends': [{'name': ....}]}