OAuth 2.0 Tutorial? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.

Closed 8 years ago.

开发者_开发知识库 Improve this question

I'm writing a REST web service on twisted and I want to use OAuth 2.0 for authorization. Is there a tutorial out there to help me write the OAuth server without having to read the entire spec? I know it's in draft, but even Facebook is using it.

---

Edit for 2012: Try Google OAuth 2 playground at https://code.google.com/oauthplayground for a practical demo. It will allow you to see working requests.

There aren't any good, generic OAuth 2 tutorials. Obviously the IETF spec, like any engineering spec, is designed to be specific and verbose rather than short and simple.

Additionally many other oAuth 2 documents are diffs of oAuth 1, which is a horrible way to try and learn something.

I find Google's own (Google-specific) oAuth 2 documents relatively good to get an understanding of how it practically works - what's sent, in what request, to whom: https://developers.google.com/oauthplayground/

---

FWIW, I have an example project here using django and piston with oauth2: https://bitbucket.org/justinfx/django-piston-oauth2-nonrel-example

---

OAuth ends up being so simple, there's really no need for a library. It boils down to using HTTPS and passing the correct POST parameters as specified in the draft: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-10