Enterprise OAuth 2.0 and OpenID Connect

Enterprise OAuth 2.0 and OpenID Connect

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 94 lectures (11h 26m) | 3.63 GB

Master OAuth2/OpenID Connect with Okta/Google Authorization Server and Postman. 3 Java/Angular projects (Optional)

Enroll in this most comprehensive and HIGHEST rated course on OAuth 2.0 and OpenID Connect and take your understanding of Authentication and Authorization to the next level. Regular updates with latest material, quick Instructor replies and excellent reviews.

Recently Updated :

  • Spring Boot examples updated to Spring Boot 3.0 and Spring Security 6.0 version.
  • Role Based Access Control (RBAC) lectures added.

OAuth 2.0 is the industry-standard protocol for authorization. Almost all enterprises today are now using an Authorization Server to protect their REST APIs or have plans to use them in the near future. This course is designed to help Software developers and Application Architects fully understand the concepts behind OAuth and become an expert in integrating their code with any OAuth 2.0 Authorization Server.

You will be able to design your applications using Microservices architecture and fully understand how security can be implemented using OAuth2. The course will especially focus on enterprise applications deployed in the cloud environments right from the start. There are lectures devoted to Java Spring Boot and Angular implementations for OAuth Client and Resource Server but the course is designed for a broader audience with knowledge of HTTP and Web Development.

You will learn about OAuth by understanding it from many different perspectives.

  • User’s perspective by demonstrating a real world application using Shutterfly
  • Architect’s perspective by explaining the OAuth flows, Cloud deployments and Identity Brokers using diagrams
  • Developer’s perspective by using Postman to create and send messages to Okta and Google Authorization Servers
  • Java Developer’s perspective by writing our own Shutterfly application using a Java and Spring Boot Application
  • Angular Developer’s perspective by writing our own Shutterfly application using Angular Front End
  • Desktop Developer’s perspective by understanding how to protect such applications using OpenID Connect
  • Mobile Developer’s perspective by understanding how to protect Mobile applications using OpenID Connect
  • IoT (Internet Of Things) Developer’s perspective by understanding how to protect IoT applications using OpenID Connect
  • Tester’s perspective by understanding how to test OAuth HTTP messages using Chrome and Postman
  • Understand about Cryptographic Hashing, Encryption and Digital Signatures
  • Understand about Identity And Access Management features of Okta
  • Understand about JWT Tokens
  • Understand Scope based Authorization versus Role Based Access Control (RBAC)

You will learn about the various OAuth2 Grant Types, Access tokens, JWT tokens, Scopes and PKCE Extension. We will use the Google Authorization Server for explaining Social applications, Okta Authorization Server to explain Enterprise applications and in the process also understand subtle differences between Authorization Servers.

One of the big goals of this course is to understand how OAuth is used in an Enterprise and Cloud today. It’s used along with SAML and LDAP together and so it’s the goal of this course to explain these integrations end to end. For that reason, this course deliberately attempts to examine LDAP, SAML and Single Sign-on (SSO) before exploring OAuth2. You will learn about Cloud deployments, Multi-cloud deployments as well as Identity Brokers.

You will be able to get a 360 degree view of OAuth and OpenID Connect by exploring all possible Application integration points for different Architectures.

Table of Contents

Course Content
Why learn OAuth and OpenID Connect
Course Content
Explanation of Diagrams
Cryptography Basics

Security Fundamentals LDAP and SAML
Section Overview and Security Basics
Authentication and Authorization
LDAP
SAML and Single SignOn
SAML Authentication Flow
Enterprise Application Security and Problem Usecases
Social Applications and its problems

OAuth 20 Fundamentals
OAuth Fundamentals
OAuth 20 Definition
OAuth Real World Demonstration
Authorization in OAuth
OAuth Roles
OAuth Client Registration
OAuth Opaque Access Tokens
OAuth Structured Access Tokens JWT
OAuth Scopes
Notes on Access tokens and Scopes
OAuth Endpoints
Token Revocation Endpoint
OAuth Grant Types Refresh Tokens and Token Revocation
OpenID Connect Scopes
OAuth Grant Types Summary
OAuth 20 Notes and Links

Grants Deep Dive using Google Authorization Server
Grants Deep Dive with Google Authorization Server
Section Introduction
Google Authorization Server Client Registration
Finding Google Endpoints
Postman Documentation and Installation
Deep Dive Authorization Code Grant Type
Deep Dive Authorization Code Grant Type Continued
Deep Dive PKCE Extension
Deep Dive Implicit Grant Type
Google Playground
Google Coding Project Project Explanation
Google Coding Project Code Walkthrough
Google Coding Project Debugging using Chrome
Google Coding Project Spring Boot My Photos Client local setup

Grants Deep Dive using Okta Authorization Server
Resource Owner Password Grant with Okta
Okta Authorization Server
Okta User Interface Changes
Okta Setup
Custom Resource Server using Spring Boot
FakeBookAPI Resource Server setup
Deep Dive Client Credentials Grant Type
Deep Dive Resource Owner Password Grant Type
Other Okta Features
Okta Coding Project Project Explanation
Okta Coding Project Code Walkthrough
Okta Coding project Spring Boot My Photos Client local setup

JWT and Client Authentication
Section Introduction
JWT Token
Client Authentication using Client Secret
Client Authentication using JWT
Client Authentication Documentation

OAuth 20 for the Enterprise and Cloud
OAuth 20Open ID for the Enterprise
Introduction
Enterprise versus Social Applications
OAuth 20 Architecture for the Enterprise
Login Logout and Sessions
User Mapping with Scopes
OAuth 20 on the Cloud
Revisit Enterprise Problem Usecases
OAuth 20 and OpenID Connect
Handling Multiple Authorization Servers
Identity Brokers
OAuth 20OpenID Best Practices

Protecting Single Page Applications Angular Coding Project
Angular Project Explanation
Angular Code Walkthrough Implicit flow using Google
Angular Code Walkthrough Authorization Code with PKCE using Okta
Final thoughts about Angular
Angular Project Setup

Protecting Native Applications Desktop Mobile
Native Applications Versus Web Applications
Using OAuth in Desktop Applications
Using OAuth in Mobile Applications
RFC Link for Native Applications

Protecting Applications on other Devices TV Watches etc
Devices with Limited Input Capabilities
Device Code Grant Type
RFC Link for OAuth 20 Device Authorization Grant

Related Talks and Perspectives
The Idea of Delegated Authentication

Conclusion
That was a lot of learning
Documentation and References
Bonus Lecture

Bonus Cryptography Basics Hashing Encryption Signatures
Section Introduction
URL Encoding
Base64 Encoding
Cryptographic Hashing
Symmetric Encryption
Asymmetric Encryption
Hybrid Encryption
Digital Signatures

Homepage