Posts

Showing posts from 2017

Sample OAuth protocol based servers and client

This application was created with Spring Boot. It has three major components: an authorization server, a resource server and a client server. Each component needs its own Tomcat instance to run. Client application: this application runs on localhost:9999. It has three classes in the main/java directory: App.java, AppController.java and AppRestController.java. The client application also has an index.html file and some other client-side language files under resource/static. App.java is the main class of the client application. The AppController class sets the paths for each file. The last class, AppRestController, performs the OAuth flows. Authorization server: it runs on localhost:8081 and also has three classes: AuthorizationServer.java, OAuthConfig.java and SecurityConfig.java. The first is the main class, which is used to run the application. The second contains the OAuth protocol functions. The last one defines the security aspect of ea

How to make a sample Facebook application with the Firefox add-on RestClient

Note: If you have any doubts about the technology behind Facebook applications (the OAuth protocol), please refer to this link; also, this link teaches how to create a Facebook application dashboard on your Facebook account.

STEP 1 (Authorization code request)

In order to obtain the authorization code from Facebook, we have to send an HTTP GET request to the Authorize Endpoint of Facebook, which is https://www.facebook.com/dialog/oauth. Along with the request, you should send several parameters, which are described below.

| Parameter Name | Description | Sample Value |
|---|---|---|
| Response_type | What you will get back from the HTTP GET request | code |
| Client_id | The app ID given by Facebook | 1746117745691626 |
| Redirect_url | Your app domain, which is given by you. It is also called the redirection endpoint. It is defined in the Facebook login settings. | http://localhost:8080 |
| scope | What permissions you need to get from users. If you want

How to create a Facebook application account dashboard on Facebook

We see these kinds of options on lots of websites, and we also use lots of fun third-party applications within Facebook and other social media. Before learning about Facebook applications, we have to know about their base technology. All third-party applications are powered by the OAuth protocol; if you need any clarification about this protocol, you can refer to this link as well. We have to create a separate admin panel for each and every Facebook application. You can create the application dashboard by visiting "https://developers.facebook.com/". After visiting the given URL, you can see the "my App" option in the top right corner of the webpage. Click it. After clicking the "my App" option, you will be redirected to another page. It shows all the Facebook applications you have created and their information, and you can also create a new Facebook application there. After clicking on the green button you will ge

The technology behind the Facebook third-party application (OAuth protocol)

In the early days, if we wanted to perform authorized actions on someone else's account, we had to know that person's username and password. Let's take Bob and Alice's Google Calendar flow as an example. If Bob wants to make an appointment on Alice's calendar, he needs Alice's username and password, so Alice must provide her credentials to Bob. But once Bob has Alice's credentials, he can access Alice's email and other data as well. This was a major security issue for everyone in the early days, so people thought about the problem and came up with a solution. It is called OAuth.

What is the OAuth protocol?

OAuth is a framework that allows third parties to access a user's resources with the user's permission, but without sending the user's credentials (username and password). Third parties can access only the user resources that the resource owner has permitted.

Components of OAuth: Third-party application, Authorization server, Resource se

How to use the Cipher Suite shell-script-based encryption/decryption application

We must give the shell script file execute permission before using it on the computer. The image below shows how to provide execute permission for the user. It also contains the execute command. After app.sh is executed, the terminal shows the welcome interface. That interface offers symmetric encryption, asymmetric encryption and exit options. If I choose the symmetric encryption technique, the system asks for the operation. When I choose the encryption operation, the system provides information about the encryption algorithms, so we may select one of the listed algorithms. After this, the system asks the user for the encryption key. Once the user provides the password, the system shows the status and stores the encrypted file on the computer. Decryption works the same way. Note: we must use the same key for encryption and decryption. If you choose asymmetric encryption, the system asks the same questions, but the last question is different (the system asks you to choose a key option). I choose

What is a cookie?

A cookie is a connector between the server and the client; the server identifies each client based on its cookies. Let's take Facebook as an example. When we try to log in to Facebook, if we are already signed in through the current browser, Facebook shows the homepage; otherwise Facebook shows the login page. If anyone is wondering how Facebook identifies the correct user account for each client request: that function works based only on cookies.

Attributes of cookies

Name: like a normal name. It is only useful for identifying the cookie.
Content: contains the actual value of the cookie.
Domain: shows the actual domain for this cookie.
Path: contains the access permission of this cookie.
Secure flag (send for): enables an encrypted connection.
HttpOnly: protects the cookie from JavaScript attacks.
Expire date: after this date, we cannot connect to the server through this cookie.

This screenshot has sample Java code for creating the c

Cookie-based sample login app Maven project

This application has two main components: one is session maintenance with cookies, the other is the security of cookies. The login page above contains four types of login, each based on a different type of cookie. Cookie security normally relies on two flags, the httpOnly flag and the secure flag. Each flag works in a different manner, but both are used for security purposes.

Secure flag: it enables an encrypted connection between the server and clients. Secure flags are meant for HTTPS connections only.

HttpOnly flag: it helps to prevent session hijacking. JavaScript cannot run on this cookie.

Login methods

NO: it has neither the secure nor the httpOnly flag, so this cookie has no security protections. The images below describe the attributes of the cookies.
HttpOnly: this option has only the httpOnly flag, so we cannot run JavaScript on this cookie.
Secure: it contains the secure flag, so this connection should be encrypted, but we can r