Tuesday, 24 September 2019

OAuth Authentication

Authentication using a third party app


Although this article is about authentication using a third-party app, I would first like to clear up two related misconceptions.

So, the first question: are authentication and authorization the same thing?

No, they are two different things.

1. Authentication is the process of proving or confirming something to be true, valid, or genuine (confirming that it is actually me). In other words, authentication verifies that you are who you say you are.

2. Authorizing is giving official permission or approval. Authorization decides whether an identity actually has permission to access a given resource. The act of authorizing is authorization.

And last, but most important to know:

3. Authorization occurs after the identity of a person has been successfully authenticated; you cannot decide what someone may do before you know who they are.


So the next question is: what is OAuth?

OAuth is an authorization protocol, not an authentication protocol, even though it is very commonly used to build "sign in with ..." flows like the one in this article.

OAuth allows the user to give another website, service or third-party application limited access to resources held by a provider the user has previously authenticated with. Instead of sharing the user's password or login credentials with the third party, the provider issues an access token that represents the permissions (scopes) the user granted. This token allows the third party to access the user's data within those restrictions, so the user controls which data is accessible to the third-party app and which is not. Note that the third-party app cannot perform every action the user can, even though it holds an access token: it is limited to what the granted scopes allow. Within those scopes, however, the token is as good as the user's consent, so it must be protected like a credential.

Some popular OAuth providers are
  •          Facebook
  •          Google
  •          GitHub
  •          GitLab
and many more; you can find a longer list here https://en.wikipedia.org/wiki/List_of_OAuth_providers

Now I would like to explain the authentication process with an OAuth provider. First let's identify the participants (roles) in this process.

1. Resource Owner
2. Client application
3. Authorization server
4. Resource server

The resource owner is the user whose data is being accessed. The client app is the one that wants to gain access to a protected resource. The authorization server authenticates the user, obtains their consent and issues access tokens to the client app; Google, Facebook and GitHub all run authorization servers. The resource server holds the user's data and hands it out only when presented with a valid token that the owner authorized, e.g. Dropbox, Google Drive or the GitHub API serving a repository. Most of the time the authorization server and the resource server are in the same trust domain, just like in the example here.

In this example I have used GitHub as the OAuth provider (it plays both the authorization server and the resource server) and an app named 'Mickey Mouse' as the client app.





Practical Guide for Using an Authentication Provider
1. In GitHub, go to your account Settings, then Developer settings, and click OAuth Apps.
2. Click Register a new application.
3. Give a name in the Application name field. I have used 'Mickey Mouse'.
4. For Homepage URL give the full URL of your application's homepage. I have given http://localhost:4000/ because I run this on localhost. This field is informational, so any URL that points at your app will do.
5. For the Authorization callback URL, enter http://localhost:4000/home. This is the redirect URL: after the user authenticates and authorizes the app, GitHub sends the browser back to this URL carrying the authorization code. GitHub refuses to redirect anywhere that does not match the callback registered here, which is what prevents an attacker from having the code delivered to a URL they control, so register the exact URL your app handles and nothing broader.
6. Finally, click the Register application button at the end of the form.

The following image shows how mine looked (the resulting app).




After the app is registered, GitHub generates a Client ID and a Client secret. The Client ID is public and appears in the authorization URL; the Client secret must stay on your server and must never be shipped to a browser or committed to the repository.







A server-side implementation of the authentication process and its validation is available here.

Implementing the code from the repository mentioned above and following the instructions in that GitHub repository results in the following.



The authentication screens look as follows. Since the user is not yet signed in to GitHub, it first asks the user to authenticate with their username and password.

Next it asks the user to authorize (give permission to) the Mickey Mouse app to access the user's GitHub repositories. This is the consent step: the scopes the app requested are listed here, and the user can decline.


Once the user clicks the Authorize button, the browser is redirected to the page where the repositories can be viewed.

So far I have shown the basic authentication process with all styling removed to keep it clear (except in the last image above). This is how it looks with styling.

Notice that once the user has authorized the app, GitHub redirects the browser to the callback URL with a short-lived authorization code in the query string; the server then exchanges that code, together with the client secret, for the access token. Take care that the access token itself never ends up in a browser URL, where it can leak through server logs, browser history and the Referer header.
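To make the registration steps and the screens above concrete, here is the whole exchange in one runnable file, as an added example. It is not the code from the repository linked in this post; the Client ID and secret, the repository names and the in-memory GitHub stand-in are constructed so the flow can be stepped through offline. The stand-in performs the checks the real authorization server performs that matter for security (exact match on the registered callback, a one-time code bound to the client, the client secret required at the token endpoint, scope enforced at the resource server), and the client side shows the `state` check and keeps the token out of the browser.

```python
"""Both sides of the GitHub web-application OAuth flow shown above. Added
example, not the code from the linked repository; client id/secret, repository
names and the in-memory GitHub stand-in are constructed so it runs offline."""
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

CLIENT_ID = "mickey-mouse-client-id"         # placeholder for the generated Client ID
CLIENT_SECRET = "mickey-mouse-secret"        # placeholder; lives only on the server
REDIRECT_URI = "http://localhost:4000/home"  # the callback URL registered in step 5


def _query(url: str) -> dict:
    """First value of each query parameter of a URL."""
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


class FakeGitHub:
    """Stand-in for the authorization server (github.com/login/oauth/*) and the
    resource server (api.github.com), reduced to the checks that matter."""

    def __init__(self):
        self.apps = {CLIENT_ID: (CLIENT_SECRET, REDIRECT_URI)}  # registered apps
        self.codes = {}   # one-time code -> (client_id, redirect_uri, scope)
        self.tokens = {}  # access token -> granted scope
        self.repos = ["octocat/hello-world", "octocat/spoon-knife"]  # constructed

    def authorize(self, authorize_url: str) -> str:
        """After the user signs in and clicks Authorize: validate the request and
        redirect to the *registered* callback with a one-time code and the state."""
        q = _query(authorize_url)
        if q.get("client_id") not in self.apps:
            raise PermissionError("unknown client_id")
        registered = self.apps[q["client_id"]][1]
        if q.get("redirect_uri") != registered:  # exact match, never a prefix
            raise PermissionError("redirect_uri is not the registered callback")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (q["client_id"], registered, q.get("scope", ""))
        return registered + "?" + urlencode({"code": code, "state": q.get("state", "")})

    def access_token(self, form: dict) -> dict:
        """Token endpoint. The code is popped first, so it is single use even when
        the exchange fails; only a caller holding the client secret gets a token."""
        entry = self.codes.pop(form.get("code", ""), None)
        secret = self.apps.get(form.get("client_id"), ("", ""))[0]
        if entry is None or not secret or not hmac.compare_digest(secret, form.get("client_secret", "")):
            return {"error": "bad_verification_code"}
        if (form.get("client_id"), form.get("redirect_uri")) != entry[:2]:
            return {"error": "redirect_uri_mismatch"}
        token = secrets.token_urlsafe(20)
        self.tokens[token] = entry[2]
        return {"access_token": token, "token_type": "bearer", "scope": entry[2]}

    def user_repos(self, authorization: str) -> list:
        """Resource server: a token only reaches data inside the scope it was
        granted, which is why the app cannot do everything the user can."""
        token = authorization[6:] if authorization.startswith("token ") else ""
        if token not in self.tokens or "repo" not in self.tokens[token].split():
            raise PermissionError("401 bad credentials or insufficient scope")
        return list(self.repos)


class MickeyMouseApp:
    """The client app: state lives in the user's session, the token never leaves
    the server, and the browser only ever carries the one-time code."""

    def __init__(self, github: FakeGitHub):
        self.github = github
        self.session = {}

    def login_url(self) -> str:
        """Where the 'sign in with GitHub' button sends the browser."""
        self.session["state"] = secrets.token_urlsafe(32)  # unguessable, per login
        params = {"client_id": CLIENT_ID, "redirect_uri": REDIRECT_URI,
                  "scope": "repo", "state": self.session["state"]}
        return "https://github.com/login/oauth/authorize?" + urlencode(params)

    def home(self, callback_url: str) -> list:
        """The /home handler: bind the callback to the login we started (state),
        exchange the code server-to-server, then call the resource server."""
        q = _query(callback_url)
        expected = self.session.pop("state", "")
        if not expected or not hmac.compare_digest(q.get("state", ""), expected):
            raise PermissionError("state mismatch: not the login we started")
        resp = self.github.access_token({"client_id": CLIENT_ID, "client_secret": CLIENT_SECRET,
                                         "code": q.get("code", ""), "redirect_uri": REDIRECT_URI})
        if "error" in resp:
            raise PermissionError(resp["error"])
        self.session["token"] = resp["access_token"]  # stays server side
        return self.github.user_repos("token " + resp["access_token"])


def run_flow() -> list:
    """Happy path: sign in, authorize, list repositories."""
    github = FakeGitHub()
    app = MickeyMouseApp(github)
    callback = github.authorize(app.login_url())  # user authenticates and clicks Authorize
    return app.home(callback)


if __name__ == "__main__":
    print(run_flow())
```

Running the file prints the two constructed repository names. The interesting cases are the ones that fail: a login URL whose `redirect_uri` has been swapped for another host is refused by `authorize`, a callback carrying a `state` the app did not issue is refused by `home`, and a code that has been redeemed once (even unsuccessfully, with a wrong secret) cannot be redeemed again. Against real GitHub the `FakeGitHub` calls become an HTTP redirect to `https://github.com/login/oauth/authorize`, a POST to `https://github.com/login/oauth/access_token` and a GET to `https://api.github.com/user/repos`, with the rest of the client unchanged.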







This app extracts selected repository details for the user and also lets the user visit each repository.




When one of the links is clicked, the user is redirected to the selected repository.



That's all, folks! Please like and comment with any suggestions for improvement.