Sign up to save your podcasts
Or
Share 050 OAuth 2 for Me and You (Social Login Lowdown) with Matt Gifford
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
050 OAuth 2 for Me and You (Social Login Lowdown) with Matt Gifford
Matt Gifford talks about “OAuth 2 for Me and You (Social Login Lowdown)” in this episode of CF Alive podcast, with host Michaela Light.
Show notes
Why use OAuth 2?
Saves complex login code
Easier for user - no more forgotten passwords
Single Sign On
Less PCI security issues - not storing emails and password
What is OAuth 2
Social login using FB, TW, Google, GitHub, BitBucket, Link, Microsoft Live, Instagram, Yahoo
OAuth 2 is totally different protocol from OAuth 1
Much simpler now
More secure
Adds scope - what permissions does it want from your FB (name, email, can post etc)
How does it work?
Header based
Signature = Token + key
JSON or URL
What are the the alternatives?
OpenID
SAML
How to use OAuth 2 from ColdFusion
Use a wrapper
What is your favor wrapper?
MonkehTweets
How to register your app with FB and other providers
Local dev, staging and production URLs
Call back URL
Scope
Client ID + token secret value
Save locally (not in the cloud)
Later option to revoke or regenerate these if you are hacked
What does OAuth 2 Cost?
Open source - free
Time to set up code and registration
CF in Cyprus
Why are you proud to use CF?
WWIT for you to make CF more alive this year?
Modern
CommandBox REPL
ForgeBox package management
Open source contributions
What are you looking forward to at CFCAMP?
Authentication is key when dealing with the web, certainly when calling, liaising with and using external API services. You may even need to implement ( or may already have ) your own authentication service for your apps or for others to use.
In this session, Matt will discuss the OAuth 2 protocol, what it means to be a consumer or provider, and how to navigate the handshake communications between the service. At the end of this session, you will walk taller, safe in the fact that you are filled with knowledge of OAuth 2, how to use it and how to build your own service.
Mentioned in this episode
His Book "Object-Oriented Programming in ColdFusion"
His book "PhoneGap Mobile Application Development Cookbook"
OAuth 2
Wiki
Single Sign On
Scotch on the Rocks conference
MonkehTweets
Twitter Social Login by Jeremy DeYoung
OpenID
SAML
Lucee CFML
CommandBox
ForgeBox
CFCAMP
Listen to the Audio
Bio
Matt Gifford
Matt Gifford is owner and primary primate at his own development consultancy company, monkehWorks Ltd. His work primarily focuses on building mobile apps and ColdFusion development, although he's such a geek he enjoys writing in a variety of languages.
He's a published author and presents at conferences and user groups on a variety of topics. As an Adobe Community Professional and Adobe User Group manager, Matt is a keen proponent for community resources and sharing knowledge.
He is the author of "Object-Oriented Programming in ColdFusion" and "PhoneGap Mobile Application Development Cookbook" and also contributes articles and tutorials to international industry magazines. Visit Matt at www.monkehworks.com or @coldfumonkeh on Twitter.
Interview transcript
Michael: Welcome back to the show. I'm here with Matt Gifford, and he's joining me from Cyprus which is hot and sunny as opposed to England where I am right now which is kind of a little dreary actually. I think I was a good move you made there Matt. And we're going to be talking about OAuth 2, and how you can use that do really amazing logins on your ColdFusion apps. And we'll look at how it works, what it is, how you can use it in ColdFusion. And we’ll ask him what his favorite rapper is; and I mean code rapper, not music rapper there.
And we’ll also look at some of the intricacies of registering your app with Facebook, and Twitter, and Google and some of the other providers you can use OAuth with.
View all episodes
By Michaela Light
4.8
55 ratings
Matt Gifford talks about “OAuth 2 for Me and You (Social Login Lowdown)” in this episode of CF Alive podcast, with host Michaela Light.
Show notes
Why use OAuth 2?
Saves complex login code
Easier for user - no more forgotten passwords
Single Sign On
Less PCI security issues - not storing emails and password
What is OAuth 2
Social login using FB, TW, Google, GitHub, BitBucket, Link, Microsoft Live, Instagram, Yahoo
OAuth 2 is totally different protocol from OAuth 1
Much simpler now
More secure
Adds scope - what permissions does it want from your FB (name, email, can post etc)
How does it work?
Header based
Signature = Token + key
JSON or URL
What are the the alternatives?
OpenID
SAML
How to use OAuth 2 from ColdFusion
Use a wrapper
What is your favor wrapper?
MonkehTweets
How to register your app with FB and other providers
Local dev, staging and production URLs
Call back URL
Scope
Client ID + token secret value
Save locally (not in the cloud)
Later option to revoke or regenerate these if you are hacked
What does OAuth 2 Cost?
Open source - free
Time to set up code and registration
CF in Cyprus
Why are you proud to use CF?
WWIT for you to make CF more alive this year?
Modern
CommandBox REPL
ForgeBox package management
Open source contributions
What are you looking forward to at CFCAMP?
Authentication is key when dealing with the web, certainly when calling, liaising with and using external API services. You may even need to implement ( or may already have ) your own authentication service for your apps or for others to use.
In this session, Matt will discuss the OAuth 2 protocol, what it means to be a consumer or provider, and how to navigate the handshake communications between the service. At the end of this session, you will walk taller, safe in the fact that you are filled with knowledge of OAuth 2, how to use it and how to build your own service.
Mentioned in this episode
His Book "Object-Oriented Programming in ColdFusion"
His book "PhoneGap Mobile Application Development Cookbook"
OAuth 2
Wiki
Single Sign On
Scotch on the Rocks conference
MonkehTweets
Twitter Social Login by Jeremy DeYoung
OpenID
SAML
Lucee CFML
CommandBox
ForgeBox
CFCAMP
Listen to the Audio
Bio
Matt Gifford
Matt Gifford is owner and primary primate at his own development consultancy company, monkehWorks Ltd. His work primarily focuses on building mobile apps and ColdFusion development, although he's such a geek he enjoys writing in a variety of languages.
He's a published author and presents at conferences and user groups on a variety of topics. As an Adobe Community Professional and Adobe User Group manager, Matt is a keen proponent for community resources and sharing knowledge.
He is the author of "Object-Oriented Programming in ColdFusion" and "PhoneGap Mobile Application Development Cookbook" and also contributes articles and tutorials to international industry magazines. Visit Matt at www.monkehworks.com or @coldfumonkeh on Twitter.
Interview transcript
Michael: Welcome back to the show. I'm here with Matt Gifford, and he's joining me from Cyprus which is hot and sunny as opposed to England where I am right now which is kind of a little dreary actually. I think I was a good move you made there Matt. And we're going to be talking about OAuth 2, and how you can use that do really amazing logins on your ColdFusion apps. And we'll look at how it works, what it is, how you can use it in ColdFusion. And we’ll ask him what his favorite rapper is; and I mean code rapper, not music rapper there.
And we’ll also look at some of the intricacies of registering your app with Facebook, and Twitter, and Google and some of the other providers you can use OAuth with.