About the Book
OAuth is oft-hated by developers for being difficult to work with because of poor documentation, abandoned client libraries, and inconsistent implementations between vendors.
This book discusses how OAuth came into being, what the protocol is trying to achieve and then breaks down both the OAuth 1.0 and OAuth 2.0 specifications into easily understood parts so that developer can understand how they work.
The book examines major vendors' implementations to show how and why they deviate from the specification, and how developers can implement a secure, standards compliant OAuth 2.0 server to protect their APIs.
In addition there are a number of case studies showing how to develop custom grants, deploy OAuth 2.0 in non-typical environments such as single page webapps and other examples of nifty tricks you can use.
About the Author
I've been shouting about and writing code for OAuth for many years. I've spoken at conferences, argued on podcasts and answered many tweets and emails about why OAuth is an awesome protocol to use in your stack.
I've decided to sum up all of my knowledge in a single book to dispell some of the controvesy and untruths about OAuth, and to help developers build secure and standards compliant implementations.
I've read the specs so you don't have to!