I am using the web server API for my application, and I am stuck in the process of figuring out which authentication method should I use to authenticate user requests (as well as other client applications). I think I really did not understand what OAuth and other authentication protocols were made for.
I want authentication to be done without the intervention of a web browser, completely from my iPhone application or other custom third-party client. Is session-based authentication a good way out here? How (for example) does the Facebook iPhone client authenticate using the web API? I don't think it uses OAuth or something like that, since the touch login / authorization form is not displayed. OAuth, as far as I know, is used only for third-party applications. But why is this so? Could the iPhone client be considered a third-party application?
I apologize if my questions are vague and unclear, please indicate me the missing data, etc. Thank.
"" OAuth , . , , OAuth, , OAuth, . OAuth , , ... .
. Facebook iPhone OAuth , . . , Facebook, , , .
, cookie , . , , OAuth, , , , , YGNI, .
Source: https://habr.com/ru/post/1759497/More articles:Как проверить правильность XML в отношении XML-схемы в ActionScript? - flexWhich SCM can conveniently handle 90,000 files - gitWhat is the point of writing a dynamic query in a stored procedure - sql.NET version of Java assertGC: tesing module memory leaks - garbage-collectionKey issue focus key SWT GlobalListener - javaIn MySQL, is a BIT column a suitable way to store 5, 6, or 7 byte integers? - typesEclipse - Google Guice - javaLong delay [~ 1s] between the browser trying to connect and Socket.Accept () - javascriptMany assemblies and the world of Blackberry applications - blackberryjQuery doesn't start the second time a page is called via ajax - jqueryAll Articles