TeraTech

The ColdFusion Experts: Develop | Secure | Optimize

  • Services
  • About
  • CF Alive
  • Blog
  • Podcast
  • Contact

  • Services
  • About
  • CF Alive
  • Blog
  • Podcast
  • Contact

049 OAuth 2 for Me and You (Social Login Lowdown) with Matt Gifford

November 20, 2017 By Michaela Light 2 Comments

Matt Gifford talks about “OAuth 2 for Me and You (Social Login Lowdown)” in this episode of CF Alive podcast, with host Michaela Light.

Contents

  • Episode highlights:
  • Mentioned in this episode:
  • Bio
  • Interview transcript:

Episode highlights:

  • Why use OAuth 2?
    • Saves complex login code
    • Easier for user – no more forgotten passwords
    • Single Sign On
    • Less PCI security issues – not storing emails and password
  • What is OAuth 2
    • Social login using FB, TW, Google, GitHub, BitBucket, Link, Microsoft Live, Instagram, Yahoo
    • OAuth 2 is totally different protocol from OAuth 1
      • Much simpler now
      • More secure
      • Adds scope – what permissions does it want from your FB (name, email, can post etc)
  • How does it work?
    • Header based
    • Signature = Token + key
    • JSON or URL
  • What are the the alternatives?
    • OpenID
    • SAML
  • How to use OAuth 2 from ColdFusion
    • Use a wrapper
  • What is your favor wrapper?
    • MonkehTweets
  • How to register your app with FB and other providers
    • Local dev, staging and production URLs
    • Call back URL
    • Scope
    • Client ID + token secret value
      • Save locally (not in the cloud)
      • Later option to revoke or regenerate these if you are hacked
  • What does OAuth 2 Cost?
    • Open source – free
    • Time to set up code and registration
  • CF in Cyprus
  • Why are you proud to use CF?
  • WWIT for you to make CF more alive this year?
    • Modern
    • CommandBox REPL
    • ForgeBox package management
    • Open source contributions
  • What are you looking forward to at CFCAMP?

Authentication is key when dealing with the web, certainly when calling, liaising with and using external API services. You may even need to implement ( or may already have ) your own authentication service for your apps or for others to use.

In this session, Matt will discuss the OAuth 2 protocol, what it means to be a consumer or provider, and how to navigate the handshake communications between the service. At the end of this session, you will walk taller, safe in the fact that you are filled with knowledge of OAuth 2, how to use it and how to build your own service.

Mentioned in this episode:

  • His Book  “Object-Oriented Programming in ColdFusion”
  • His book “PhoneGap Mobile Application Development Cookbook“
  • OAuth 2
    • Wiki
  • Single Sign On
  • Scotch on the Rocks conference
  • MonkehTweets
  • Twitter Social Login by Jeremy DeYoung
  • OpenID
  • SAML
  • Lucee CFML
  • CommandBox
  • ForgeBox
  • CFCAMP

And to continue learning how to make your ColdFusion apps more modern and alive, I encourage you to download our free ColdFusion Alive Best Practices Checklist.

Because… perhaps you are responsible for a mission-critical or revenue-generating CF application that you don’t trust 100%, where implementing new features is a painful ad-hoc process with slow turnaround even for simple requests.

What if you have no contingency plan for a sudden developer departure or a server outage? Perhaps every time a new freelancer works on your site, something breaks. Or your application availability, security, and reliability are poor.

And if you are depending on ColdFusion for your job, then you can’t afford to let your CF development methods die on the vine.

You’re making a high-stakes bet that everything is going to be OK using the same old app creation ways in that one language — forever.

All it would take is for your fellow CF developer to quit or for your CIO to decide to leave the (falsely) perceived sinking ship of CFML and you could lose everything—your project, your hard-won CF skills, and possibly even your job.

Luckily, there are a number of simple, logical steps you can take now to protect yourself from these obvious risks.

No Brainer ColdFusion Best Practices to Ensure You Thrive No Matter What Happens Next

ColdFusion Alive Best Practices Checklist

ColdFusion Alive Best Practices Checklist

Modern ColdFusion development best practices that reduce stress, inefficiency, project lifecycle costs while simultaneously increasing project velocity and innovation.

√ Easily create a consistent server architecture across development, testing, and production

√ A modern test environment to prevent bugs from spreading

√ Automated continuous integration tools that work well with CF

√ A portable development environment baked into your codebase… for free!

 

Learn about these and many more strategies in our free ColdFusion Alive Best Practices Checklist.

http://traffic.libsyn.com/coldfusionalive/Matt_Gifford_FINAL.mp3

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | RSS

Bio

Matt Gifford is owner and primary primate at his own development consultancy company, monkehWorks Ltd. His work primarily focuses on building mobile apps and ColdFusion development, although he's such a geek he enjoys writing in a variety of languages.

He's a published author and presents at conferences and user groups on a variety of topics. As an Adobe Community Professional and Adobe User Group manager, Matt is a keen proponent for community resources and sharing knowledge.

He is the author of “Object-Oriented Programming in ColdFusion” and “PhoneGap Mobile Application Development Cookbook” and also contributes articles and tutorials to international industry magazines. Visit Matt at www.monkehworks.com or @coldfumonkeh on Twitter.

Interview transcript:

Michael:          Welcome back to the show. I'm here with Matt Gifford, and he's joining me from Cyprus which is hot and sunny as opposed to England where I am right now which is kind of a little dreary actually. I think I was a good move you made there Matt. And we're going to be talking about OAuth 2, and how you can use that do really amazing logins on your ColdFusion apps. And we'll look at how it works, what it is, how you can use it in ColdFusion. And we’ll ask him what his favorite rapper is; and I mean code rapper, not music rapper there.

And we’ll also look at some of the intricacies of registering your app with Facebook, and Twitter, and Google and some of the other providers you can use OAuth with. And so, if you haven't met Matt before, he is a cool guy. He used to run the user group for ColdFusion in England, and he's also presented a lot of different conferences. And his company ‘Monkey Works’ does mobile apps in ColdFusion development. And he's also written a book. What's your book Matt?

Matt:               I've written a few books. The first one, I was object oriented programming in ColdFusion. I’ve written ‘Find Out Application Development’, and very quickly updated ‘Find Out For Application Development’. And a lot of magazine tutorials, and articles for UK, and [inaudible] [01:28] magazine as well.

Michael:          Well, great! Was wonderful to have you on the show today.

Matt:               Thank you very much for having me. It's a pleasure to be here.

Read more

 

Related Posts

  • Everything CF Summit 2018: Unlocking the Power of APIs w/ Adobe API ManagerEverything CF Summit 2018: Unlocking the Power of APIs w/ Adobe API Manager
  • 043 Let’s get GraphicQL! (Smart API access from CFML), with Mark Drew – Transcript043 Let’s get GraphicQL! (Smart API access from CFML), with Mark Drew – Transcript
  • 089 All about the Adobe CF Summit East 2019 ColdFusion with Kishore Balakrishnan089 All about the Adobe CF Summit East 2019 ColdFusion with Kishore Balakrishnan
  • 076 Slatwall ColdFusion eCommerce Unleashed (Beyond Shopping Carts) with Sumit Verma076 Slatwall ColdFusion eCommerce Unleashed (Beyond Shopping Carts) with Sumit Verma
  • CF India Summit: Part Two- Keeping Up to Date With Modernized ColdFusionCF India Summit: Part Two- Keeping Up to Date With Modernized ColdFusion
  • 100 CF Alive (Revolution Retrospective) with Nolan Erck and Michaela Light- Transcript100 CF Alive (Revolution Retrospective) with Nolan Erck and Michaela Light- Transcript
  • Facebook
  • Twitter
  • LinkedIn

Filed Under: CF Alive Podcast, ColdFusion

← Previous Post 048 CF Continuous Integration Plumbing with Bitbucket Pipelines with Guust Nieuwenhuis – Transcript
Next Post → 049 OAuth 2 for Me and You (Social Login Lowdown) with Matt Gifford – Transcript

Subscribe on iTunes

CF Alive Best Practices Checklist

 

Modern ColdFusion development best practices that reduce stress, inefficiency, project lifecycle costs while simultaneously increasing project velocity and innovation.

Recent Posts

  • 4 Reasons Why Your ColdFusion Web Apps Are Suffering (And How To Avoid It)
  • Google Down – An Unprecedented Event (Save Your Data Fast!)
  • 107 ColdFusion 2021 Revealing Details on How it was Created with Rakshith Naresh
  • Into The Box LatAm 2020 Virtual Conference – Free to Register!
  • Slow ColdFusion Applications May Ruin Your Business (3 Steps to Prevent It)

Categories

  • ActionScript
  • Adobe CF Summit
  • Adobe CF Summit East
  • Adobe CF Summit East 2018
  • Adobe ColdFusion 11
  • Adobe ColdFusion 2020 Beta
  • Adobe ColdFusion 2021
  • Adobe ColdFusion Project Stratus
  • Adobe ColdFusion Security
  • AIR
  • Ajax
  • AngularJS
  • Announcement
  • API
  • Apollo
  • Auto Security Lockdown
  • AWS
  • C#
  • Certification
  • CF Alive
  • CF Alive Book
  • CF Alive Podcast
  • CF Camp
  • CF Developer week
  • CF Maintenance
  • CF Summit India
  • CF Tags
  • CF Training
  • CF Vs. Other Languages
  • CFEclipse
  • CFML
  • CFML Open- Source
  • CFObjective
  • cfquery
  • CFSummit
  • CFUnited
  • China Chopper
  • CIO
  • Classes
  • Client Highlights
  • ColdBox
  • ColdFusion
  • ColdFusion 2018
  • ColdFusion 2020
  • ColdFusion 2021
  • ColdFusion 9
  • ColdFusion community
  • ColdFusion Conference
  • ColdFusion Consulting
  • ColdFusion Developer
  • ColdFusion Development
  • ColdFusion Hosting
  • ColdFusion Security
  • ColdFusion Webinar
  • CommandBox
  • Conference
  • Cool Stuff
  • Culture
  • Cybercrime
  • Database
  • Development Approach
  • DevOps
  • Docker
  • Fixinator
  • Flex
  • Frameworks
  • Fusebox
  • FusionReactor
  • Futurology
  • Garbage Collector
  • Google Down
  • Into The Box Latam
  • IntoTheBox Conference
  • Java
  • JavaScript
  • JVM
  • Learn ColdFusion
  • Legacy Code
  • Load Testing
  • Lucee
  • Management
  • MAX
  • MDCFUG Lunch
  • Microsoft Azure
  • Mindmapping
  • MockBox
  • Modernize ColdFusion
  • Monitoring
  • Muracon
  • NCDevCon
  • New Intern
  • News
  • Node.js
  • Open- Source
  • ORM
  • Ortus Developer Week
  • Ortus Roadshow
  • Performance
  • Performance Tuning
  • PHP
  • Productivity
  • Programming Languages
  • Project planning
  • Query of Queries
  • Roadmap
  • Scalability
  • Security
  • Server Software
  • Server Tuning
  • Social Media
  • Spiral Web
  • SQL
  • Success Story
  • Survey
  • Technology
  • TestBox
  • Tips
  • Transcript
  • Trapeze Development
  • Uncategorized
  • Web 2.0
  • Web Application
  • Web Server
  • Webinar
  • Webmail
  • What is ColdFusion?
  • Whole Brain Development
  • Women in Tech
  • Work From Home

Recent Comments

  • Michaela Light on A Comprehensive Guide to Running a Successful CFML Project
  • Michaela Light on Is Lucee CFML now better than Adobe ColdFusion?
  • Michaela Light on Introducing Swansea Jack (Lucee CFML 6 announced)
  • Michaela Light on 082 ColdFusion and the Blockchain Revolution with Mike Brunt
  • Michaela Light on 082 ColdFusion and the Blockchain Revolution with Mike Brunt
  • Home
  • Services
  • About Us
  • CF Alive
    • CF Alive Book
    • CF Alive Inner Circle
    • CF Alive full resources cheatsheet
  • Blog
  • Podcast
    • Podcast Guest schedule
  • Contact
  • Sitemap

The ColdFusion Experts:
Develop, Secure, Optimize

TeraTech Inc
451 Hungerford Drive Suite 119
Rockville, MD 20850

Tel : +1 (301) 424 3903
Fax: +1 (301) 762 8185

Follow us on Facebook Follow us on LinkedIn Follow us on Twitter Follow us on Pinterest Follow us on YouTube

Copyright © 1998–2021 TeraTech Inc. All rights Reserved.