Намери подобно съдържание

https://pypi.python.org/pypi/oauthlib A generic, spec-compliant, thorough implementation of the #OAuth request-signing logic for python OAuth often seems complicated and difficult-to-implement. There are several prominent libraries for handling OAuth requests, but they all suffer from one or both of the following: They predate the OAuth 1.0 spec, AKA RFC 5849. They predate the OAuth 2.0 spec, AKA RFC 6749. They assume the usage of a specific HTTP request library. OAuthLib is a generic utility which implements the logic of OAuth without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library, or provide support onto your favourite web framework. If you’re a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort.

😈 Malicious use of OAuth applications. • Network Response Analysis; • Endpoint Shapes Discovery; - Common Shapes in OAuth 2.0; - Application-Specific Shapes; • OAuth 2.0 Vulnerabilities; - Open Redirects and Token Theft; - URL-Parameter-Based Open Redirect; - Referer-Based Open Redirect; - Exploiting Redirect Chains; - Long-Lived Tokens; - Insecure Redirects; - Case 1: Attack with URL Parameter; - Prevention: Method 1 - Use White-Listed Domain; - Lack of State Check in OAuth; - Case 1: Attack with State Parameter; - Prevention: Method 1 - Use State Randomize Parameter; • Creating Malicious OAuth Applications; • OAuth Security Checklist; • AUTHENTICATOR Pattern. #OAuth#devsecops

https://aaronparecki.com/2012/07/29/2/oauth2-simplified#others OAuth 2 Simplified Sun, Jul 29, 2012 9:30am -07:00 Many services such as #Facebook, #Github, and #Google have already deployed OAuth 2 servers, and deployed implementations win. The #OAuth 2 spec itself leaves many decisions up to the implementor. Instead of describing all possible decisions that need to be made to successfully implement OAuth 2, this post makes decisions that are appropriate for most implementations. This post is an attempt to describe OAuth 2 in a simplified format to help developers and service providers implement the protocol.

#OAuth#前端#全栈#生态 推荐一个 Simple and Clean 的开源 Auth 库 https://lucia-auth.com, 提供主流数据库/ORM和前端框架的支持。如果只需要处理 OAuth，可以用 https://arctic.js.org. https://fixupx.com/AprilNEA/status/1769527517000683637

🔖Tinyauth | 一键给 Docker 应用加登录验证 平时在Docker里搭应用时，如果要给 Web 应用加上登录验证，配置往往很麻烦。Tinyauth 就是为此而生的开源轻量级中间件，它能一键给任何 Docker 应用加上登录页面，极大简化操作 它支持用户名密码登录，也支持 Google、Github 等 OAuth 第三方登录；兼容 Traefik、Nginx、Caddy 等常见反向代理；同时还支持多语言界面和 Docker Compose 一键部署。项目持续更新中，并提供在线演示和详细文档，让你几分钟就能跑起来 🐙Tinyauth I 📃Release下载 标签：#Tinyauth#Docker#登录验证#OAuth#反向代理 📮频道 | 🪧群聊 | ✨中文包

#AI #automated_testing #automation #asyncio #atexit #button #concurrency #Coroutines #data_mining #dropdownbox #Debian #decorators #django_cms #form #Google #Gym #intelligence #input #lists #machine_learning #map #Metaprogramming #Micro_services #monitoring #Multipart #multi_touch_apps #multiprocessing #Nodes #numerical #OAuth #package #pytest #python #requests #Requests #satellite #scrapy #scikit_learn #SciPy #searching #submit #selectbox #sessions #TensorFlow #text_boxes #text #telegram #Threads #tuples #Universe #urllib #upload

#AI#Artificial_Intelligence #aiohttp #API #AWS #asyncio #audio #automated_testing #automation #atexit #BeeWare #button #client #concurrency #cron #Coroutine #data_analysis #data_mining #data_processing #database #Deep_Learning #Debian #decorator #dispatch #django #dropdownbox #Docker #event #Firefox #form #freeze #functool #Generator #GeoDjango #Google #GPU #Gym #learn #Image_processing #intelligence #input #IOT #lambda #lists #machine_learning #Magenta #map #Metaprogramming #Micro_services #mind #monitoring #MongoDB #Mozilla #Multipart #multi_touch_apps #multiprocessing #Nodes #NoSQL #numeric_computation #numerical #NumPy #OAuth #object_serialization #OCR #overloading #package #parallel #pipeline #protocols #PostGIS #pyAudioAnalysis #PyInstaller #PySide #PyTorch #pytest #python #Pyvideo_archives #Qt #Redis #random #request #REST #satellite #scrapy #scikit_learn #SciPy #searching #submit #selectbox #Selenium #serialization #server #session #socket #sound #task #TensorFlow #text_boxes #text #test #telegram #Thread #transport #tuples #Universe #Unix #urllib #upload #Web

#AI#Artificial_Intelligence #aiohttp #AngularJS #API #AWS #asyncio #audio #automated_testing #automation #atexit #BeeWare #button #client #concurrency #Coroutine #cron #curl #data_analysis #data_mining #data_processing #database #Deep_Learning #Debian #decorator #dict #dispatch #django #django_cms #dropdownbox #Docker #event #Firefox #form #Generator #GeoDjango #git #Google #GPU #Gym #learn #Image_processing #intelligence #input #IOT #lambda #learn #lists #machine_learning #Magenta #map #Metaprogramming #Micro_services #mind #monitoring #MongoDB #Mozilla #Multipart #multi_touch_apps #multiprocessing #Nodes #NoSQL #numeric_computation #numerical #NumPy #OAuth #object_serialization #OCR #overloading #package #parallel #pipeline #protocols #PostGIS #pyAudioAnalysis #pycon #Pyflakes #PyInstaller #PySide #PyTorch #pytest #python #Pyvideo_archives #Qt #React #Redis #random #request #REST #satellite #scrapy #scikit_learn #SciPy #searching #submit #selectbox #Selenium #serialization #server #socket #task #telegram #TensorFlow #test #text_boxes #text #tuples #unicode #Universe #Unix #urllib #upload #Web

#AI#Artificial_Intelligence #AJAX #aiohttp #Anaconda #AngularJS #API #Atom #AWS #asyncio (#Asynchronous) #audio #automated_testing #automation #atexit #BeeWare #Big_Data #bitcoin #blockchain #Bluemix #Brython #button #Celery #client #class #classmethod #concurrency #Coroutine #cron #CSS #curl #data_analysis #data_mining #data_processing #database #Deep_Learning#deep_learning #Debian #decorator #deploy #dict #dispatch #django #django_cms #Django_REST_Framework #dropdownbox #Docker #event #Firefox #Flask #form #functions #Generator #GeoDjango #git #Google #GPU #GUI #Gym #host #HTML #httplib #learn #Image_processing #intelligence #input #Instagram #IOT #iPython #Jupyter #lambda #learn #License #Linux #lists #machine_learning #Magenta #map #Matplotlib #Metaprogramming #Micro_services #Micropython #mind #monitoring #MongoDB #modules #Mozilla #Multipart #multi_touch_apps #multiprocessing #Nodes #NoSQL #numeric_computation #numerical #NumPy #network #neural_network #OAuth #object_serialization #OCR #overloading #package #parallel #pipeline #protocols #PostGIS #pyAudioAnalysis #pycon #Pyflakes #PyInstaller #PyPI #PyQt #PySide #PyTorch #pytest #python #Pyvideo_archives #Qt #Raspberry_Pi #React #Redis #random #request #Regular_Expressions (#re) #REST #RSS #satellite #scikit_learn #SciPy #scrapy #searching #selectbox #Selenium #serialization #server #sessions #single_responsibility_principle #socket #Spark #str #submit #task #telegram #template #TensorFlow #test #text_boxes #text #tuples #unicode #Universe #Unix #unit_test #urllib #upload #uWSGI #Web #WSGI