Почетна Преглед Помоћ
Пријавите се
boarspring
/
repo_zf1
огледало од https://github.com/bluescreen/zf1-php7.2.git
2
0
Креирај огранак 1
Датотеке Дискусије 0 Вики
Дрво: 6d752df53f
Гране Ознаке
repo_zf1
/
documentation
/
manual
/
de
/
module_specs
/
Zend_Oauth-Introduction.xml

Zend_Oauth-Introduction.xml 2.6 KB
Историја Датотека

12345678910111213141516171819202122232425262728293031323334353637383940414243444546 
  1. <?xml version="1.0" encoding="UTF-8"?>
    2. 

  2. <!-- EN-Revision: 20232 -->
    3. 

  3. <!-- Reviewed: no -->
    4. 

  4. <sect1 id="zend.oauth.introduction" xmlns:xi="http://www.w3.org/2001/XInclude">
    5. 

  5.     <title>Introduction to OAuth</title>
    6. 

  6. 

  7.     <para>
    8. 

  8.         OAuth allows you to approve access by any application to your private data stored a website
    9. 

  9.         without being forced to disclose your username or password. If you think about it, the
    10. 

  10.         practice of handing over your username and password for sites like Yahoo Mail or Twitter has
    11. 

  11.         been endemic for quite a while. This has raised some serious concerns because there's
    12. 

  12.         nothing to prevent other applications from misusing this data.  Yes, some services may
    13. 

  13.         appear trustworthy but that is never guaranteed.  OAuth resolves this problem by eliminating
    14. 

  14.         the need for any username and password sharing, replacing it with a user controlled
    15. 

  15.         authorization process.
    16. 

  16.     </para>
    17. 

  17. 

  18.     <para>
    19. 

  19.         This authorization process is token based. If you authorize an application (and by
    20. 

  20.         application we can include any web based or desktop application) to access your data, it
    21. 

  21.         will be in receipt of an Access Token associated with your account. Using this Access Token,
    22. 

  22.         the application can access your private data without continually requiring your credentials.
    23. 

  23.         In all this authorization delegation style of protocol is simply a more secure solution to
    24. 

  24.         the problem of accessing private data via any web service API.
    25. 

  25.     </para>
    26. 

  26. 

  27.     <para>
    28. 

  28.         OAuth is not a completely new idea, rather it is a standardized protocol building on the
    29. 

  29.         existing properties of protocols such as Google AuthSub, Yahoo BBAuth, Flickr API, etc.
    30. 

  30.         These all to some extent operate on the basis of exchanging user credentials for an Access
    31. 

  31.         Token of some description. The power of a standardized specification like OAuth is that it
    32. 

  32.         only requires a single implementation as opposed to many disparate ones depending on the web
    33. 

  33.         service. This standardization has not occurred independently of the major players, and
    34. 

  34.         indeed many now support OAuth as an alternative and future replacement for their own
    35. 

  35.         solutions.
    36. 

  36.     </para>
    37. 

  37. 

  38.     <para>
    39. 

  39.         Zend Framework's <classname>Zend_Oauth</classname> currently implements a full OAuth
    40. 

  40.         Consumer conforming to the OAuth Core 1.0 Revision A Specification (24 June 2009) via the
    41. 

  41.         <classname>Zend_Oauth_Consumer</classname> class.
    42. 

  42.     </para>
    43. 

  43. 

  44.     <xi:include href="Zend_Oauth-ProtocolWorkflow.xml" />
    45. 

  45.     <xi:include href="Zend_Oauth-SecurityArchitecture.xml" />
    46. 

  46. </sect1>
    47.