Aaron Parecki

#oauth

• 

  Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

  OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

  In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

  Portland, Oregon

  Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2

• Validating OAuth 2.0 Access Tokens with NGINX and NGINX Plus - NGINX (www.nginx.com)

  Tue, May 14, 2019 4:12pm +02:00 #nginx #oauth
• Portland (PDX) to Frankfurt (FRA)

  May 9, 2019 at 3:35pm (-0700) until May 10 at 11:10am (+0200)

  Condor Flight 2091

  Frankfurt (FRA) to Duesseldorf (DUS)

  May 10, 2019 from 1:05pm to 1:55pm (+0200)

  Lufthansa Flight 078

  

  Dusseldorf in Duesseldorf

  1 mention

  permalink #indiewebcamp #oauth
• Düsseldorf

  May

  9

  May

  …

  May

  16

  May 9-16, 2019
  8 days

  Düsseldorf

  Düsseldorf, North Rhine-Westphalia, DE

  permalink #indiewebcamp #oauth #btconf #okta
• San Jose (SJC) to Portland (PDX)

  May 2, 2019 from 6:00pm to 7:45pm (-0700)

  Alaska Flight 309

  

  Portland Intl in Portland

  1 mention

  permalink #okta #oauth #iiw
• 

  Browser APIs have gotten so much better lately! Way easier to do @oauth_2 PKCE in a browser now:
  
  ✅ good random number generators
  ✅ secure hashing functions
  
  Just missing a good base64 encoding function. (Check out the ugly hack in the post.)
  
  https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead#begin-the-pkce-request

  Mountain View, California, USA • 49°F

  5 likes 1 repost 5 replies

  Thu, May 2, 2019 8:25am -07:00 #oauth #javascript #pkce
• 

  Just in time for #iiw I published a blog post: "Is the OAuth 2.0 Implicit Flow Dead?" https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead

  Mountain View, California, USA • 49°F

  18 likes 9 reposts 6 replies

  Wed, May 1, 2019 9:30am -07:00 #oauth #iiw
• Portland (PDX) to San Francisco (SFO)

  May 1, 2019 from 6:00am to 7:50am (-0700)

  Alaska Flight 1264

  

  San Francisco Intl in San Francisco

  1 mention

  permalink #okta #iiw #oauth
• Internet Identity Workshop 28

  Apr

  30

  May

  2

  April 30 through May 2, 2019
  3 days

  Computer History Museum

  Mountain View, California, US

  permalink #oauth #iiw #okta
• #110293 Insufficient OAuth callback validation which leads to Periscope account takeover (hackerone.com)

  Fri, Apr 12, 2019 11:37pm -07:00 #oauth #twitter #security
• Aaron Parecki https://aaronparecki.com/

  Standing room only for my talk at #oktane19! 🎉 "OAuth: When Things Go Wrong" I had a blast, thanks everyone for coming to the session!
  The video will be posted to the @okta YouTube channel soon! .
  .
  .
  #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail 📷 @quorralyne

  

  San Francisco, California • 49°F

  Wed, Apr 3, 2019 3:48pm -07:00 (liked on Thu, Apr 4, 2019 7:35am -07:00) #oktane19 #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail
• 

  Standing room only for my talk at #oktane19! 🎉 "OAuth: When Things Go Wrong" I had a blast, thanks everyone for coming to the session!
  The video will be posted to the @okta YouTube channel soon! .
  .
  .
  #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail 📷 @quorralyne

  

  Moscone West Convention Center in San Francisco, California, USA • 49°F

  20 likes 1 repost 2 replies

  Wed, Apr 3, 2019 3:48pm -07:00 #oktane19 #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail
• OAuth: When Things Go Wrong

  Apr

  3

  April 3, 2019 2:00pm - 3:00pm (-0700)

  Moscone Center

  San Francisco, California, US

  Oktane19

  View Slides

  Watch Video

  permalink #okta #oktadev #oauth
• 

  at InterContinental San Francisco

  San Francisco, California • Mon, April 1, 2019 7:15am

  37.782005 -122.404512

  Setting up for my all day #OAuth workshop!

  

  San Francisco, CA, United States

  26 Coins

  Mon, Apr 1, 2019 7:15am -07:00 #oauth
• Prague (PRG) to London (LHR)

  March 30, 2019 from 11:15am (+0100) to 12:30pm (+0000)

  American Flight 6634

  London (LHR) to Phoenix (PHX)

  March 30, 2019 from 1:45pm (+0000) to 5:45pm (-0700)

  American Flight 6198

  Phoenix (PHX) to San Francisco (SFO)

  March 30, 2019 from 8:40pm to 10:48pm (-0700)

  American Flight 597

  

  San Francisco Intl in San Francisco

  permalink #okta #oauth #ietf #ietf104
• IETF 104 OAuth Session

  Mar

  28

  March 28, 2019 9:00am - 10:30am (+0100)

  Hilton Prague

  Praha, Hlavní město Praha, CZE

  permalink #ietf #oauth #okta #ietf104
• Portland (PDX) to Los Angeles (LAX)

  March 26, 2019 from 6:18am to 8:53am (-0700)

  American Flight 6056

  Los Angeles (LAX) to London (LHR)

  March 26, 2019 at 5:35pm (-0700) until Mar 27 at 10:55am (+0000)

  American Flight 6185

  London (LHR) to Prague (PRG)

  March 27, 2019 from 2:40pm (+0000) to 5:45pm (+0100)

  American Flight 6635

  

  Ruzyne in Prague

  permalink #okta #oauth #ietf #ietf104
• Vladimir Dzhuvinov https://twitter.com/dzhuvi

  . @dwaite Let's not forget browser based apps could also do without #OAuth, or use a simple backend to handle client side #OAuth #osw2019

  

  • 54°F

  Wed, Mar 20, 2019 3:28pm +00:00 (liked on Thu, Mar 21, 2019 7:26am +09:00) #OAuth #OAuth #osw2019
• Vladimir Dzhuvinov https://twitter.com/dzhuvi

  It's high time to retire the #OAuth 2.0 implicit grant. Browser-based apps should use the code flow with CORS XHR to retrieve the token(s) #osw2019

  

  • 54°F

  Wed, Mar 20, 2019 1:45pm +00:00 (liked on Thu, Mar 21, 2019 7:26am +09:00) #OAuth #osw2019
• Mike Jones https://twitter.com/selfissued

  OAuth Device Flow spec renamed to “OAuth 2.0 Device Authorization Grant” http://self-issued.info/?p=1959 #IETF #OAuth @WilliamDenniss

  Portland, Oregon • 49°F

  Tue, Mar 12, 2019 4:39am +00:00 (liked on Mon, Mar 11, 2019 9:44pm -07:00) #IETF #OAuth
• 

  I'm not at @devnexus this year, but my #OAuth books are! You can win a copy if you're there!
  https://twitter.com/oktadev/status/1103679346122915840

  Portland, Oregon, USA

  4 likes 1 reply

  Thu, Mar 7, 2019 9:02am -08:00 #oauth #okta