Bearer of Good News

[Translation] DPoP: What It Is, How It Works, and Why Bearer Tokens Aren't Enough
A Bearer token works too simply: whoever obtains it is authorized. That is exactly why token leaks regularly turn into real incidents, from CI/CD pipelines to cloud storage. In this new translation from the Spring АйО team we look at how DPoP changes this model by binding the token to the client's key, why a backend developer needs it, and how to stand up a working implementation on Keycloak and Quarkus.
https://habr.com/ru/companies/spring_aio/articles/1015544/
#java #kotlin #dpop #ci #cd #bearer #security #безопасность #безопасность_вебприложений #безопасность_в_сети
DPoP: What It Is, How It Works, and Why Bearer Tokens Aren’t Enough
#bearer #cryptography #dpop #java #oauth #security #token
https://foojay.io/today/dpop-what-it-is-how-it-works-and-why-bearer-tokens-arent-enough/
“If a famous painting changed owners, if a precious manuscript was sold at auction, if an old palace burned down, if the bearer of an aristocratic name was involved in a scandal, the readers of many thousands of feature articles at once learned the facts. What is more, on that same day or by the next day at the latest they received an additional dose of anecdotal, historical, psychological, erotic, and other stuff on the catchword of the moment.”
#additionalDose #anecdotal #aristocraticName #atTheLatest #bearer #book #burnedDown #catchword #changedOwners #ClassicAmericanLiterature #ClassicLiteratureFiction #Classics #erotic #facts #famousPainting #featureArticles #games #GamesFiction #GermanLiterature #germany #hermannHesse #historical #involvedInAScandal #learned #literaryFiction #magisterLudi #manyThousands #moment #nextDay #oldPalace #otherStuff #preciousManuscript #psychological #quote #readers #received #sameDay #Scholars #ScholarsGermanyFiction #soldAtAuction #TheGlassBeadGame
Everybody who is happy about #Garmin having rolled out #ECG in the #EU and has now #2fa enabled in their account but still wants to script a thing or two with #JWT and #Bearer from the site, rejoice… My login script can now deal with that, too… Love #curl and #jq
https://github.com/michael-simons/garmin-babel/blob/main/bin/retrieve_garmin_tokens_2fas.sh
Now I wait for a new firmware for my watch, because I'm on a beta on which ECG is disabled, lol…
New Microsoft docs: Configure JWT bearer authentication in ASP.NET Core
https://learn.microsoft.com/aspnet/core/security/authentication/configure-jwt-bearer-authentication
#jwt #aspnetcore #dotnet #oidc #bearer #authorization #access #security
Thanks Mike Kistler Rick Anderson Stephen Halter
Blogged: ASP.NET Core user application access token management
https://damienbod.com/2025/01/20/asp-net-core-user-application-access-token-management/
#jwt #aspnetcore #dotnet #oidc #bearer #authorization #access #security
One of the authors' names on RFC 6750 sounds like a spy legend. "**** *****".
Sorry man :D
This specification describes how to use bearer tokens in HTTP requests to access OAuth 2.0 protected resources. Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport. [STANDARDS-TRACK]