Upgrade to Pro — share decks privately, control downloads, hide ads and more …

[re] renren.com oauth implementation

Avatar for hbrls hbrls
November 07, 2012
Technology
100
1

[re] renren.com oauth implementation

Avatar for hbrls

hbrls

November 07, 2012

More Decks by hbrls

See All by hbrls
[re] taobao-cross-device-development
Avatar for hbrls hbrls
0
80
the meta-analysis method
Avatar for hbrls hbrls
1
70
what do sns users want
Avatar for hbrls hbrls
0
120

Other Decks in Technology

See All in Technology
EventBridge Connection
Avatar for kensh _kensh
5
710
LayerXにおけるセキュリティ管理の現在地と次の一手
Avatar for tosho tosho
0
180
2026TECHFRESH畢業分享會 - Lightning Talk - 打造精準高效的 MCP 設計模式與測試實務
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1k
2026 TECHFRESH 畢業分享會 - AI-Native 重塑軟體工程與虛擬講師
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1k
Android の公式 Skill / Android skills
Avatar for Yuki Anzai yanzm
0
140
社内 AI エージェント Synapse と セマンティックレイヤーの育て方
Avatar for Hiroaki Sano hiroakis
3
1.9k
2026TECHFRESH畢業分享會 - 原生還是跨平台? App 開發踩坑實錄
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1k
【NRUG vol.18】なぜ多くのオブザーバビリティ導入は失敗するのか
Avatar for NRUG member nrug_member
0
130
MUSUBI 田中裕一『AIと共に行う「しごとのリデザイン」- スモールバックオフィス編』AI Ops Lab #4
Avatar for MUSUBI musubi
0
180
非エンジニアがClaudeと挑んだ「1ヶ月間プロダクト30本ノック」
Avatar for kinako askokc
0
500
AmazonRoute 53ではじめてのドメイン取得!HTTPS化までの道のりを整理してみた
Avatar for usanchuu usanchuu
3
140
GitHub Copilot 最新アップデート – 「一歩先」の実践活用術
Avatar for zhang.william moulongzhang
2
340

Featured

See All Featured
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
1
620
Scaling GitHub
Avatar for Zach Holman holman
464
140k
The Language of Interfaces
Avatar for Des Traynor destraynor
162
27k
How GitHub (no longer) Works
Avatar for Zach Holman holman
316
150k
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
250
1.3M
Building Experiences: Design Systems, User Experience, and Full Site Editing
Avatar for Michelle Schulp Hunt marktimemedia
0
530
Introduction to Domain-Driven Design and Collaborative software design
Avatar for Kenny Baas-Schwegler baasie
1
840
Visualization
Avatar for Eitan Lees eitanlees
152
17k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
49
10k
The Mindset for Success: Future Career Progression
Avatar for Greg Gifford greggifford
PRO
0
360
KATA
Avatar for Megan Lloyd mclloyd
PRO
35
15k

Transcript

  1.          

       RR  Service               RR  Client              RR SDK/  Third  Apps  1 第三方app请求sso  取得 App标 识   2 3 请求OAuth服务  验证第三 方应用  4 5 0 User 登录  用户授权信息  展示给用 户,用户 授权  6 返回授权页面  7 生成Token  9 返回Token  A 将Token交给第三方app  验证是否是RR客 户端  8

  2. Access Token的设计  •  Access Token的组成 •  生成Access Token(sig &

    expires)  sig life expires user 1000|2.b9fa896206de940a2b9cf416ffa30e83.3600.1271271600-240650143 type app expires = current + life; //每天随机生成UUID:key date = (Date) current key = getEncryptionKey(date); sig = md5sum(type + life + expires + user + app + key);

  3. Access Token的设计  •  Access Token的检验 if (current > expires)

    return false; date = expires – life; key = getEncryptionKey(date); sig2 = md5sum(type + life + expires + user + app+ key); if (sig == sig2) return true; return false;