@jodyson24
Forked from taniarascia/auth.md
Created June 10, 2020 11:03
Revisions

  1. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions auth.md
    Original file line number Diff line number Diff line change
    @@ -43,6 +43,7 @@ Outline of ideas, concepts to cover, potential projects to write.
    - OpenID Connect (OIDC)
    - Proof Key for Code Exchange (PKCE)
    - System for Cross-domain Identity Management (SCIM)
    - Role-based access control (RBAC)

    ## Project
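Review bot: `Role-based access control (RBAC)` is appended to a list of protocol specifications (OIDC, PKCE, SCIM), but RBAC is an authorization model, not a protocol. Suggest moving it under Concepts next to Authorization, with a sub-bullet noting that role checks are enforced on the server and not only in the UI.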

  2. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 4 additions and 2 deletions.
    6 changes: 4 additions & 2 deletions auth.md
    @@ -49,8 +49,10 @@ Outline of ideas, concepts to cover, potential projects to write.
    - Create a full-stack application
    - React front end
    - Node/Express back end
    - Login option 1: OAuth 2.0/OIDC with Google/Twitter/GitHub as the IDP
    - Login option 2: custom username/password login.
    - Login option 1: OAuth 2.0/OIDC with Google/Twitter/GitHub as the SSO IDP
    - Login option 2: custom username/password login
    - Ability to associate SSO to an existing user
    - Different roles (admin, user, maybe one more)

    ## Topics to Cover
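Review bot: `Ability to associate SSO to an existing user` does not say how the link is authorized. Matching only on the email address the IDP returns can attach an external identity to an account its owner never linked. Suggest stating that linking requires an active authenticated session on the existing account, or a verified-email check on both sides, and that the roles in `Different roles (admin, user, maybe one more)` are assigned by the back end and not taken from IDP-supplied data by default.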

  3. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 7 additions and 2 deletions.
    9 changes: 7 additions & 2 deletions auth.md
    @@ -46,7 +46,12 @@ Outline of ideas, concepts to cover, potential projects to write.

    ## Project

    - Full-stack application
    - Create a full-stack application
    - React front end
    - Node/Express back end
    - OAuth 2.0/OIDC with Google/Twitter/GitHub as the IDP
    - Login option 1: OAuth 2.0/OIDC with Google/Twitter/GitHub as the IDP
    - Login option 2: custom username/password login.

    ## Topics to Cover

    - When to use different strategies (for example, PKCE in a client-side only app, session cookies for a BE+FE on the same subdomain, etc).
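Review bot: in the Topics to Cover item, `session cookies for a BE+FE on the same subdomain` is narrower than the condition that matters. A cookie's `Domain` attribute and `SameSite` are evaluated at the site (registrable domain) level, so a front end and back end on sibling subdomains can also share a session cookie. Suggest wording it as "on the same site" and naming the case where the two are on different sites, since that is where the cookie strategy stops working and the PKCE option becomes relevant.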
  4. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion auth.md
    @@ -32,7 +32,7 @@ Outline of ideas, concepts to cover, potential projects to write.
    ## Persistence

    - Cookies
    - HTTP Only/Secure
    - HTTP Only/Secure/SameSite
    - Web Storage
    - Local Storage
    - Session Storage
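Review bot: `HTTP Only/Secure/SameSite` folds three attributes that address different risks (script access to the cookie, transmission over plaintext HTTP, cross-site sends) into one bullet, and the first is spelled `HttpOnly` in a `Set-Cookie` header. Suggest one sub-bullet per attribute with its exact spelling, and listing the `SameSite` values (`Strict`, `Lax`, `None`), since CSRF exposure depends on which one is set.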
  5. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 8 additions and 1 deletion.
    9 changes: 8 additions & 1 deletion auth.md
    @@ -42,4 +42,11 @@ Outline of ideas, concepts to cover, potential projects to write.
    - OAuth 2.0
    - OpenID Connect (OIDC)
    - Proof Key for Code Exchange (PKCE)
    - System for Cross-domain Identity Management (SCIM)
    - System for Cross-domain Identity Management (SCIM)

    ## Project

    - Full-stack application
    - React front end
    - Node/Express back end
    - OAuth 2.0/OIDC with Google/Twitter/GitHub as the IDP
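Review bot: the new Project item `OAuth 2.0/OIDC with Google/Twitter/GitHub as the IDP` treats all three providers as interchangeable, but OIDC support differs between them (GitHub's OAuth apps, for example, return an access token and no ID token). Suggest noting per provider which protocol the login will use, so the project does not end up treating a bare OAuth access token as proof of authentication.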
  6. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions auth.md
    @@ -41,4 +41,5 @@ Outline of ideas, concepts to cover, potential projects to write.

    - OAuth 2.0
    - OpenID Connect (OIDC)
    - Proof Key for Code Exchange (PKCE)
    - System for Cross-domain Identity Management (SCIM)
  7. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 4 additions and 0 deletions.
    4 changes: 4 additions & 0 deletions auth.md
    @@ -2,6 +2,10 @@

    Outline of ideas, concepts to cover, potential projects to write.

    ## Setup Idea

    - Book with a video for each chapter.

    ## Prerequisites/Overview

    - HTML, CSS, JavaScript
  8. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 2 additions and 0 deletions.
    2 changes: 2 additions & 0 deletions auth.md
    @@ -1,5 +1,7 @@
    # JavaScript Authentication & Authorization

    Outline of ideas, concepts to cover, potential projects to write.

    ## Prerequisites/Overview

    - HTML, CSS, JavaScript
  9. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 2 additions and 2 deletions.
    4 changes: 2 additions & 2 deletions auth.md
    @@ -9,8 +9,8 @@

    ## Concepts

    - Authorization
    - Authentication
    - Authorization (AuthZ)
    - Authentication (AuthN)
    - Headers
    - Sessions
    - JSON Web Tokens (JWT)
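Review bot: in the Concepts list, `Authorization (AuthZ)` is still listed before `Authentication (AuthN)`. An authorization decision depends on an identity that has already been authenticated, so suggest swapping the two bullets so that AuthN comes first.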
  10. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 3 additions and 7 deletions.
    10 changes: 3 additions & 7 deletions auth.md
    @@ -1,7 +1,5 @@
    # JavaScript Authentication & Authorization

    Outline of ideas, topics to cover.

    ## Prerequisites/Overview

    - HTML, CSS, JavaScript
    @@ -18,6 +16,7 @@ Outline of ideas, topics to cover.
    - JSON Web Tokens (JWT)
    - Identity Provider (IDP)
    - Cross-origin resource sharing (CORS)
    - Single sign on (SSO)

    ## Vulnerabilities

    @@ -32,11 +31,8 @@ Outline of ideas, topics to cover.
    - Local Storage
    - Session Storage

    ## Specifications/Protocols/Terms
    ## Specifications/Protocols/Terms/Standards

    - OAuth 2.0
    - OpenID Connect (OIDC)

    ## Projects

    - Node BE + React FE: Log into Google/Twitter/GitHub via OAuth + OIDC
    - System for Cross-domain Identity Management (SCIM)
  11. @taniarascia taniarascia revised this gist Jun 9, 2020. 1 changed file with 5 additions and 1 deletion.
    6 changes: 5 additions & 1 deletion auth.md
    @@ -1,6 +1,6 @@
    # JavaScript Authentication & Authorization

    Outline of ideas.
    Outline of ideas, topics to cover.

    ## Prerequisites/Overview

    @@ -36,3 +36,7 @@ Outline of ideas.

    - OAuth 2.0
    - OpenID Connect (OIDC)

    ## Projects

    - Node BE + React FE: Log into Google/Twitter/GitHub via OAuth + OIDC
  12. @taniarascia taniarascia created this gist Jun 9, 2020.
    38 changes: 38 additions & 0 deletions auth.md
    @@ -0,0 +1,38 @@
    # JavaScript Authentication & Authorization

    Outline of ideas.

    ## Prerequisites/Overview

    - HTML, CSS, JavaScript
    - Front end/client side (Browser)
    - Back end/server side (Node)
    - REST APIs

    ## Concepts

    - Authorization
    - Authentication
    - Headers
    - Sessions
    - JSON Web Tokens (JWT)
    - Identity Provider (IDP)
    - Cross-origin resource sharing (CORS)

    ## Vulnerabilities

    - Cross-site request forgery (CSRF/XSRF)
    - Cross-site scripting (XSS)

    ## Persistence

    - Cookies
    - HTTP Only/Secure
    - Web Storage
    - Local Storage
    - Session Storage

    ## Specifications/Protocols/Terms

    - OAuth 2.0
    - OpenID Connect (OIDC)
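Review bot: the Persistence section lists `Cookies`, `Local Storage` and `Session Storage` as parallel options with no link to the Vulnerabilities section above it. The trade-off is the reason to cover them together: anything in web storage is readable by any script running in the origin, so it is exposed to XSS, while cookies are attached to requests automatically, so they are exposed to CSRF. Suggest annotating each persistence option with the vulnerability it is exposed to and the control that addresses it.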