You'll learn how to confidently and securely build and deploy OAuth on both the client and server sides. Foreword by Ian Glazer.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.About the TechnologyThink of OAuth 2 as the web version of a valet key. It is an HTTP-based security protocol that allows users of a service to enable applications to use that service on their behalf without handing over full control. And OAuth is used everywhere, from Facebook and Google, to startups and cloud services.About the BookOAuth 2 in Action teaches you practical use and deployment of OAuth 2 from the perspectives of a client, an authorization server, and a resource server. You'll begin with an overview of OAuth and its components and interactions. Next, you'll get hands-on and build an OAuth client, an authorization server, and a protected resource. Then you'll dig into tokens, dynamic client registration, and more advanced topics. By the end, you'll be able to confidently and securely build and deploy OAuth on both the client and server sides.What's InsideCovers OAuth 2 protocol and designAuthorization with OAuth 2OpenID Connect and User-Managed AccessImplementation risksJOSE, introspection, revocation, and registrationProtecting and accessing REST APIsAbout the ReaderReaders need basic programming skills and knowledge of HTTP and JSON.About the AuthorJustin Richer is a systems architect and software engineer. Antonio Sanso is a security software engineer and a security researcher. Both authors contribute to open standards and open source.Table of ContentsPart 1 - First stepsWhat is OAuth 2.0 and why should you care?The OAuth dance Part 2 - Building an OAuth 2 environmentBuilding a simple OAuth clientBuilding a simple OAuth protected resourceBuilding a simple OAuth authorization serverOAuth 2.0 in the real world Part 3 - OAuth 2 implementation and vulnerabilitiesCommon client vulnerabilitiesCommon protected resources vulnerabilitiesCommon authorization server vulnerabilitiesCommon OAuth token vulnerabilities Part 4 - Taking OAuth furtherOAuth tokensDynamic client registrationUser authentication with OAuth 2.0Protocols and profiles using OAuth 2.0Beyond bearer tokensSummary and conclusions

    Even though most engineers don't think much about them, this short book shows you why logs are worthy of your attention.Based on his popular blog posts, LinkedIn principal engineer Jay Kreps shows you how logs work in distributed systems, and then delivers practical applications of these concepts in a variety of common uses--data integration, enterprise architecture, real-time stream processing, data system design, and abstract computing models.Go ahead and take the plunge with logs; you're going love them.Learn how logs are used for programmatic access in databases and distributed systemsDiscover solutions to the huge data integration problem when more data of more varieties meet more systemsUnderstand why logs are at the heart of real-time stream processingLearn the role of a log in the internals of online data systemsExplore how Jay Kreps applies these ideas to his own work on data infrastructure systems at LinkedIn

    Written from a computer science perspective by three leading experts in the field, it gives an up-to-date treatment of all aspects of the design and implementation of systems for gathering, indexing, and searching documents; methods for evaluating systems; and an introduction to the use of machine learning methods on text collections. All the important ideas are explained using examples and figures, making it perfect for introductory courses in information retrieval for advanced undergraduates and graduate students in computer science. Based on feedback from extensive classroom experience, the book has been carefully structured in order to make teaching more natural and effective. Although originally designed as the primary text for a graduate or advanced undergraduate course in information retrieval, the book will also create a buzz for researchers and professionals alike.