"PHP Third-Party Login—OAuth2.0 Protocol Video Tutorial" mainly introduces the third-party login related protocol—OAuth2.0 protocol. It mainly introduces the usage scenarios and implementation principles of OAuth, and explains the precautions for using the OAuth2.0 protocol based on actual practice, which is of great practical value.
Course playback address: http://www.php.cn/course/410.html
The teacher’s teaching style:
The teacher’s lectures are vivid, witty, witty, and touching. A vivid metaphor is like the finishing touch, opening the door to wisdom for students; an appropriate humor brings a knowing smile to students, like drinking a glass of mellow wine, giving people aftertaste and nostalgia; a philosopher's aphorisms, cultural references Proverbs are interspersed from time to time in the narration, giving people thinking and warning.
The more difficult point in this video is the detailed explanation of the OAuth authorization process:
What is OAuth authorization?
1. What is the OAuth protocol
OAuth (Open Authorization) is an open standard. The so-called OAuth (Open Authorization, Open Authorization) provides a security for user resource authorization. Simple standard,
allows third-party websites to access various information stored by users in service providers under the premise of user authorization.
This kind of authorization does not require the user to provide the user name and password to the third-party website but to log in directly from the page provided by the service provider.
OAuth allows users to provide an access token (professional point is called a token) to a third-party website. An access token (professional point is called a token) corresponds to a specific third-party website. At the same time, the access token (professional point is called a token) It’s called a token) and can only access specific resources within a specific time.
To put it bluntly: that is to say, when a user accesses a third-party web or application, the third party does not know the user’s account and password. In this case, after authorization by the user, you can obtain the articles, Weibo information and other information stored by the user on the service provider
1. OAuth authorization must go through three steps
The first step: Obtain the unauthorized Request Token (request token) Jump to the service provider's login page
The second step: Obtain the user authorization Request Token (request token) The user enters the account password for login authorization
Step 3: Exchange the authorized Request Token (request token) for Access Token (access token)
The above three steps are necessary steps for OAuth authorization. Many companies may have different authorization methods. There are differences, but the general steps are the same
The following uses Sina Weibo as an example to introduce how to perform OAuth authorization:
1. First you need to be Sina developers click here to enter the developer website: http://open.weibo.com
After entering, register an account and add developer personal information. You can log in directly with your Weibo account and join the development The detailed steps will not be repeated here
2. Create an application. How to create an application, just click My Application on the top navigation bar to create it
*Assume that you Add "Program Source Weibo" to the name of the created application
*After the application is created, it will enter the "Development Phase" by default and it will be eligible for authorization
*At this time, click My Application--> ; Application information you will see the following information
The above is the detailed content of PHP third-party login OAuth2.0 protocol video tutorial resource introduction. For more information, please follow other related articles on the PHP Chinese website!