|
|
|
|
|
|
by ryusage
4160 days ago
|
|
|
My understanding from my research into OAUTH2 is that most of the vulnerabilities in it are only issues in a naive implementation. They can be made secure, but it's not easy and you have to know to do it in the first place. Doesn't OpenID Connect address those issues? I know that's what Google is using now. |
|
|