<aside> 💡 <== OAuth ==>
Here is what I understand about it =>
Aakash wants to log in to => sharebazaar.com
But I am too lazy to type a username or password there, so I use the option => Login with Google
Login with Google => OAuth related => Open Authorization => openly give access to Aakash's [owner] resources, i.e. the Resource Server, to the Client [Sharebazaar] website from Google, which is the Authorization Server. Google authorizes the Client [Sharebazaar] only when the Owner, that is me, Aakash, gives Google permission ("yes, allow it to access my data"). Then Google allows the client by putting it in its allow list and gives it an access key + authorization key, and hence a TRUST relationship is maintained between them.
So, "access code" + "authorization code" are crucial for both Client + Owner
Access Code => Yeah, you can access Google
Authorization Code => Yeah, you can access the Owner's resource, i.e. my [Aakash's] data from Google
Thanks
</aside>
<aside> 💡 OAuth provides developers with an authorization mechanism that allows an application to access data or perform certain actions against your account, from another application (the authorization server).
</aside>
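The flow sketched above (client registered with the authorization server, owner consent, then access to the owner's data), as an added example that is not part of the original notes: a toy in-memory model of the OAuth 2.0 authorization code grant. The class, the function names and the in-memory stores are hypothetical, and the example uses the standard terms "authorization code" and "access token".

```python
import secrets
import time

class AuthorizationServer:
    """Toy in-memory authorization server (hypothetical names, constructed data)."""
    def __init__(self):
        self.clients = {}  # client_id -> (client_secret, registered redirect_uri)
        self.codes = {}    # one-time authorization code -> grant
        self.tokens = {}   # access token -> (owner, scope, expiry)

    def register_client(self, client_id, redirect_uri):
        secret = secrets.token_urlsafe(16)
        self.clients[client_id] = (secret, redirect_uri)
        return secret

    def authorize(self, client_id, redirect_uri, scope, owner, owner_consents):
        # Only a registered client with an exactly matching redirect_uri proceeds.
        if client_id not in self.clients or self.clients[client_id][1] != redirect_uri:
            raise PermissionError("invalid_client")
        # Nothing is issued unless the resource owner says yes.
        if not owner_consents:
            raise PermissionError("access_denied")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, redirect_uri, scope, owner, time.time() + 60)
        return code

    def exchange_code(self, client_id, client_secret, redirect_uri, code):
        # The code is single-use (pop), short-lived and bound to one client.
        grant = self.codes.pop(code, None)
        if grant is None or time.time() > grant[4] or grant[:2] != (client_id, redirect_uri):
            raise PermissionError("invalid_grant")
        if not secrets.compare_digest(self.clients[client_id][0], client_secret):
            raise PermissionError("invalid_client")
        token = secrets.token_urlsafe(24)
        self.tokens[token] = (grant[3], grant[2], time.time() + 3600)
        return token

    def introspect(self, token):
        owner, scope, expiry = self.tokens.get(token, (None, None, 0))
        return (owner, scope) if time.time() < expiry else (None, None)

def get_profile(auth_server, token, profiles):
    # Resource server: data is served only for a valid token with the right scope.
    owner, scope = auth_server.introspect(token)
    if owner is None or scope != "profile":
        raise PermissionError("invalid_token")
    return profiles[owner]
```

Calling `authorize` with `owner_consents=False` raises `access_denied`, and presenting the same authorization code to `exchange_code` a second time raises `invalid_grant`.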
OAuth →
OpenID → OAuth → OAuth 2 → OpenID Connect
Before, websites authenticated users across multiple websites
Meaning → one website → having many web services → a single user logs in to one website → and is able to access all those web services under that one website just by logging in to the main website
Let's understand it in an easier manner ⇒
Target → build-muscle.com
build-muscle.com → has many more services or links under this site
like → protein.com, vitamin.com, exercise.com, connection.com, takeshake.com
Now, one user, i.e. Aakash, registers + logs in to → build-muscle.com
And wants to access those services as mentioned above, and all those services and build-muscle.com TRUST each other
Instead of logging in to several services, build-muscle.com now has only one login page and uses the SSO [Single Sign On] mechanism so that the user Aakash logs in ONE time and accesses all services under build-muscle.com
<aside> 💡 Another example → Stack Overflow, Stack Exchange → just register on only one Stack site and you can reuse the same account on other Stack-related sites
</aside>
SSO → Single Sign On → this mechanism is used for the authentication part above.
The SSO authentication mechanism is based on a TRUST relationship
i.e. build-muscle.com trusts protein.com and the others, and the Stack sites TRUST the other Stack-related sites
But we can't use a Stack Overflow account to log in to the GitHub website because they don't TRUST each other