Working with OAuth2 can be a real pain, whether on the client or on the server side. The standard, introduced in 2012, is still a so-called Proposed Standard, and every implementer interprets it differently. For developers, the OAuth2 flow is often seen as some kind of magic, and many of them struggle to get into the topic. In this session we will take a look at the protocol flow and the different grant flows. In addition to a theoretical overview, we will implement an OAuth2 flow in a future-proof and safe way.
Johannes Pichler is a Lead Web Developer working at karriere.at, the biggest job platform in Austria. At karriere.at he is building RESTful APIs and the karriere.at website powered by Laravel. In his spare time Johannes loves to contribute to open source projects like laravel.io and other PHP/Laravel-related projects. Based on his past experience, he forces his teammates and himself to follow a test-driven development approach and to use supportive tools as efficiently as possible.