Tech Trek: A Software Engineer's Guide to Code and Beyond

The OAuth Playground is an application/tool by Google for learning how OAuth works. It presents you with a three-step process for selecting the services you want to authorize, generating an access token, and making API requests. In OAuth terminologies, Google OAuth playground will act as a client Application which does contain client id, Client secret and OAuth Endpoints required to access Service provider. It also supports custom endpoints as well i.e. using Google OAuth playground you can connect to another service provider as well apart from Google like Salesforce. Resource Owner:  You Client Application:  Google OAuth 2.0 Playground Service Provider:  Google In this blog, I’ll only focus on Google API and will try to retrieve user profile via playground. Step 1: Hit https://developers.google.com/oauthplayground/ Step 2: You will see a list of scope using which you can access particular resources. As our aim is to fetch user profile so will...

This guide walks you through the steps of registering an application to integrate with Facebook. Register a new application From  http://developer.facebook.com , click on "My Apps" at the top of the page to go to the application dashboard. The dashboard shows a list of applications that the developer has already created or you can create a new one by clicking on  Add a new App.   A dialog prompts you to name your application. Enter Display Name, Contact Email and Choose a category from drop down list and click on  Create App ID . After you click, Facebook performs a Captcha check to verify that you’re not setting up applications through an automated process. Once you’ve satisfied the verification process, your application is created. The next page you see is your application’s application page. Click on the  Settings  button and it will open you a setting page of your application. Now we can configure various det...

Prerequisite : Understanding of JWT or read here to understand what is JSON Web token. As we already know that JWT is special because it is digitally signed and we can verify the authenticity of JWT using signature. Today, we will discuss on how we can actually sign this JWT using Symmetric and Asymmetric key. Symmetric key: Symmetric key uses the same key for the signature generation as well as at the time of token verification. So, extra precaution is required during the exchange of the secret key between sender and receiver. Use symmetric key if there is one sender and one receiver, the exchanging of the key will be easy.  Eg: One web application talking to the backend services. Asymmetric key: It uses a key pair. The key pair consists of a public key and a private key. JSON data will be signed using the private key and can be verified using the public key. Use Asymmetric key if you have one sender and multiple receivers as you cannot share the same key...