. . . "%META:TOPICPARENT{name=\"OpenLinkVirtuoso\"}%\n---++ What is OAuth?\n\nThe OAuth protocol enables websites or applications (Consumers) to \naccess Protected Resources from Web services (Service Providers) via \nan API, without requiring Users to disclose their Service Provider credentials \nto those Consumers. More generally, OAuth creates a freely-implementable and\ngeneric methodology for API-oriented authentication.\n\nFor Consumer developers, OAuth is a method to publish and interact with \nprotected data.\n\nFor Service Provider developers, OAuth gives users access to their data \nwhile protecting their account credentials.\n\nOne use case would be allowing a printing service, printer.example.com (the \nConsumer), to access private photos stored on photos.example.net (the Service \nProvider), without requiring Users to reveal their photos.example.net \ncredentials to printer.example.com.\n\n---+++ Why is it important?\n\nOAuth allows the user to selectively grant access to their private resources \nhoused on one site (called the Service Provider), to another site (called \nthe Consumer). In other words, OAuth enables you to grant access to some \nof your information without sharing all of your identity.\n\nOAuth does not require a specific user interface or interaction pattern, nor \ndoes it specify how Service Providers authenticate Users, making the protocol \nideally suited for cases where authentication credentials are unavailable to \nthe Consumer, such as with OpenID.\n\nOAuth aims to unify the experience and implementation of delegated web service \nauthentication with a single, community-driven protocol. OAuth builds on \nexisting protocols and best practices that have been independently implemented \nby various websites. An open standard, supported by large and small providers \nalike, promotes a consistent and trusted experience for both application \ndevelopers and the users of those applications.\n\n---+++ How does it work?\n\nWhat is publicly known as \"OAuth\" is really the \"OAuth Core 1.0\" \nspecification. The \"Core\" designation is used to stress that this is the \nskeleton upon which other extensions and protocols may be built. OAuth Core 1.0 \ndoes NOT by itself provide many desired features such as automated discovery of \nendpoints, language support, support for XML-RPC and SOAP, standard definition \nof resource access, OpenID integration, a full range of signing algorithms, or \nany number of other great ideas posted to the OAuth group.\n\nThis was intentional and is viewed by the authors as a benefit. As the name \nimplies, Core deals only with the most fundamental aspects of the protocol:\n\n * Establish a mechanism for exchanging a username and password for a token \nwith defined rights \n * Provide tools to protect these tokens\n\nMore details can be found [[http://oauth.net/documentation/getting-started][here]].\n\n\n---++ What are OAuth Access Tokens?\n\nCredentials bearing tokens enable a user to provide their credentials in tokenized form in cases \nwhere HTTP redirection to a browser plus human interaction is unavailable or unsuitable. For example, \nintermediary intelligent agents, mobile phones, or set-top devices.\n\n---+++ How does it work?\n\n---++++ Request Authentication\nTo request an Access Token in this model, the Consumer makes an HTTP \nrequest to the Service Provider's Access Token URL. The authentication \nrequest contains [nine] parameters contained in the HTTP Authorization \nheader or as URL parameters. Parameter names and values must be \n\"percent-encoded\" to handle characters in different character sets. The \nrequest should be performed using TLS, and should use HTTP POST.\n\n---++++ Receive Authentication\nBefore granting an access token, the Service Provider must ensure that the \nrequest signature has been successfully verified as per OAuth,\nthat a request with the supplied timestamp and nonce has never been \nreceived before, and that the supplied username and password match a\nUser's credentials. If successful, the Service Provider generates an \nAccess Token and Token Secret using a 200 Ok response and returns them\nin the HTTP response body.\n\n---++++ Access Protected Resources\nAfter successfully receiving the Access Token and Token Secret, the \nConsumer is able to access the Protected Resources on behalf of the User \nas per section 7 of the OAuth core specification. In other words, the Access \nToken obtained here is no different in capability to the Access Token\nspecified by OAuth. Once authenticated using the above process, the \nConsumer will sign all subsequent requests for the User's Protected\nResources using the returned Token Secret.\n\n\n---++ Additional Information\n\n---+++ General OAuth Information\n\n * [[http://www.hueniverse.com/hueniverse/2007/09/explaining-oaut.html][Explaining OAuth]]\n * [[http://www.hueniverse.com/hueniverse/2007/10/beginners-gui-1.html][Visual OAuth Usage Example]]\n * [[http://www.hueniverse.com/hueniverse/2008/10/beginners-guide.html][OAuth Beginners Guide - Part 3]]\n * [[http://oauth.net/core/1.0][OAuth specification]]\n * [[http://oauth.net/documentation/getting-started][Getting Started with OAuth]]\n * [[http://xml.coverpages.org/draft-dehora-farrell-oauth-accesstoken-creds-00.txt][OAuth Access Tokens Using Credentials specification]]\n * [[http://xml.coverpages.org/draft-hammer-oauth-00.txt][OAuth: HTTP Authorization Delegation Protocol specification]]\n * [[http://groups.google.com/group/oauth][Google OAuth Group]]\n * [[http://step2.googlecode.com/svn/spec/openid_oauth_extension/drafts/0/openid_oauth_extension.html][OAuth & OpenID Combined]] - Protocol Extension\n\n---+++ Virtuoso- and OpenLink-specific OAuth Information\n\n * [[VirtuosoOAuthServer][Virtuoso OAuth server]]\n * [[VirtAuthServerUI][Virtuoso Authentication Server UI]].\n * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthControllers][Using OAuth with ODS]]\n * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquity][ODS Ubiquity Commands]]\n * [[VirtOAuth][Virtuoso OAuth Implementation]]\n * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsControllers][ODS Controllers]] \n * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtODSOAuthQA][Testing Virtuoso OAuth with 3rd Party OAuth Clients]]\n * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquityTutorialsOAuth][OAuth Ubiquity Tutorial]]\n * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthTestTool][Virtuoso OAuth Test Tool for ODS Controllers]]\n * [[VirtOAuthSPARQL][Virtuoso SPARQL OAuth Tutorial]]\n * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquityTutorials][ODS Ubiquity Tutorials]]\n * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthExamples][OAuth Applications Authentication examples]]\n * [[http://oauth.net/core/1.0/][OAuth API]]" . . . . . . . . . . . . . . . . . . . . . . . . "OAuth" . "OAuth" . . . . . "673744f3c25674f26f1376128c1c3160" . "OAuth" . "2017-06-13T05:37:43Z" . . . "2017-06-13T05:37:43Z" . . . . "2017-06-13T05:37:43.879159"^^ . "2017-06-13T05:37:43.879159"^^ . . .