OAuth2 Protocol Analysis: GitHub and DingTalk Examples

1. Principle

Suppose an app wants me to log in by authorizing through GitHub. In this login scenario, I, as the data owner, tell the system (GitHub) that I agree to authorize a third-party application (the app) to enter the system and obtain certain data (my ID, avatar, etc.). The system then generates a short-lived access token, which the third-party application uses in place of the password to access the data. ...

February 26, 2022 · 14 min