This blog post describes implementing a Node js application that uses OAuth 2.0 to upload files in to tyhe google drive. In this project we'll use Google OAuth 2.0 for authentication, Google Drive API as the file uploader and Passport.js as the authentication middleware.
Before we begin, let's see what OAuth 2.0 is.
In Simple words, OAuth 2.0 is a authorization framework that allows third party applications to obtain limited access to a HTTP service. The access can be required by various types of clients like mobile applications, web applications etc.
There are four main grant types in OAuth 2.0.
For this project we'll be using OAuth 2.0 - Authorization Code grant type.
This grant type is widely in use as this type is capable of maintaining the confidentiality of the client while not exposing the code in public.
Step 1: Authorization Code link
Step 2: User Authorizes application.
Running the application in the local machine
Project source code is available in the GitHub repository: https://github.com/sachiniepa/SecureSoftwareDevelopmentAssignment2.git
Import the project to the local environment
Open the Project with your favourite IDE.
Run 'npm install'
Run 'npm run dev'
Application Flow
On the URL http://localhost:3000 the application displays the button to upload the files. Once the user clicks on the button, the user is redirected to the Google OAuthentication Page. After successful authentication, the user is redirected to the page which allows the user to select the files that should be uploaded.
This is the end of the blog post. Hope you all found it interesting!
Before we begin, let's see what OAuth 2.0 is.
OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 supersedes the work done on the original OAuth protocol created in 2006. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices. This specification and its extensions are being developed within the IETF OAuth Working Group.- OAuth 2.0 Official Documentation
In Simple words, OAuth 2.0 is a authorization framework that allows third party applications to obtain limited access to a HTTP service. The access can be required by various types of clients like mobile applications, web applications etc.
There are four main grant types in OAuth 2.0.
- Client Credentials
- Authorization Code
- Resource Owner Password Credential
- Implicit
For this project we'll be using OAuth 2.0 - Authorization Code grant type.
This grant type is widely in use as this type is capable of maintaining the confidentiality of the client while not exposing the code in public.
Step 1: Authorization Code link
Step 2: User Authorizes application.
Running the application in the local machine
Project source code is available in the GitHub repository: https://github.com/sachiniepa/SecureSoftwareDevelopmentAssignment2.git
Import the project to the local environment
Open the Project with your favourite IDE.
Run 'npm install'
Run 'npm run dev'
Application Flow
On the URL http://localhost:3000 the application displays the button to upload the files. Once the user clicks on the button, the user is redirected to the Google OAuthentication Page. After successful authentication, the user is redirected to the page which allows the user to select the files that should be uploaded.
This is the end of the blog post. Hope you all found it interesting!
Comments
Post a Comment