Jaime Ryan

Subscribe to Jaime Ryan: eMailAlertsEmail Alerts
Get Jaime Ryan via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Blog Feed Post

OAuth Tutorial: Modifying a Layer 7 OAuth 1.0a Implementation to Support Custom Requirements

Modifying OAuth for Custom RequirementsLast week, I posted a video tutorial demonstrating how Layer 7’s OAuth Toolkit makes it possible to use a SecureSpan or CloudSpan Gateway as an OAuth 1.0/1.0a Server and Client. Today, I’m going to follow that up with a tutorial on how a Layer 7 OAuth implementation can be modified to support custom requirements.

The tutorial demonstrates this thorough the addition of a new parameter, which is extracted from transaction metadata and then used to tweak the implementation. Specifically, I create a policy in which the authorization token’s lifespan is shortened if the user comes in from the browser of a mobile device.

The scenarios I’ve presented in these tutorials represent the two biggest strengths of the OAuth Toolkit – adherence to the specification when you need it and flexibility when you need that.  Our customers have taught us that every OAuth implementation is slightly different and our aim is to give them the tools they need to adapt.

The video cannot be shown at the moment. Please try again later.

Read the original blog entry...

More Stories By Jaime Ryan

Jaime Ryan is the Partner Solutions Architect for Layer 7 Technologies, and has been building secure integration architectures as a developer, architect, consultant and author for the last fifteen years. He lives in San Diego with his wife and two daughters. Follow him on Twitter at @jryanl7.