فهرست مطالب

• Contents
• Foreword
• Preface
• Part I. Introducing Cloud Native OAuth
• Chapter 1. Why Do You Need OAuth?
• API-First Security
• What Is OAuth 2.0?
• Zero Trust Security
• API Supporting Components
• Cloud Native Platforms
• Summary
• Chapter 2. OAuth 2.0 Distilled
• Roles
• The Abstract Flow
• The Access Token
• Client Capabilities
• OpenID Connect
• OAuth Evolution
• Sessions and Lifecycle
• Summary
• Chapter 3. Security Architecture
• What Is an API Security Architecture?
• Functions in the API Security Architecture
• The Role of the Client
• The Role of the Access Token
• What Security Components Do You Need?
• The Role of the Authorization Server
• The Role of the API Gateway
• The Role of the Policy Engine
• API Responsibilities
• Client Responsibilities
• Operating Security Components
• Extending OAuth
• Summary
• Chapter 4. OAuth Data Design
• Authorization Server Data
• OAuth Configuration Settings
• Designing User Accounts
• User Management APIs
• Multiregion
• Multitenancy
• User Migration Code Example
• Summary
• Part II. Securing APIs with Tokens
• Chapter 5. Secure API Development
• Unified API Security with JWT Access Tokens
• Validating JWT Access Tokens
• API Authorization Logic
• Handling Token Expiry in APIs
• Testing Zero Trust APIs
• API Code Example
• Summary
• Chapter 6. Access Token Design
• The Access Token Contract
• Understanding Token Scope
• Understanding Token Claims
• Obtaining the User’s Consent
• Managing Access Tokens at Scale
• Designing Token Sharing
• Summary
• Chapter 7. Secure Access Tokens
• Secure Access Token Requirements
• Access Token Formats
• Access Token Delivery
• Hardening Access Tokens
• Summary
• Chapter 8. Proxies, Gateways, and Sidecars
• HTTP Proxies, Ingress, and Egress
• The API Gateway Role
• Exposing APIs in Kubernetes
• Terminating Tokens
• The Service Mesh Role
• API Gateway Extensibility Example
• Summary
• Chapter 9. Entitlements
• Access Control Models
• The Role of Token-Based Authorization
• Benefits of an Entitlement Management System
• Scalable Authorization
• Open Policy Agent
• Summary
• Part III. Operating Cloud Native OAuth
• Chapter 10. Workload Identities
• Workload Identity Issuance
• Implementing Request Confidentiality
• Restricting Workload Access
• Hardening Credentials
• Limitations of Workload Identities
• Workload Identities Code Example
• Summary
• Chapter 11. Managing a Cloud Native Authorization Server
• Hosting
• Deployment
• Data Operation
• Reliability
• Security Auditing
• Summary
• Part IV. Securing API Clients
• Chapter 12. OAuth for Native Applications
• The Code Flow
• Implementing OAuth Clients
• Hardening Security
• Browserless User Authentication
• Code Examples
• Summary
• Chapter 13. OAuth for Browser-Based Applications
• Web Application Basics
• Browser Security Threats
• Web Security Mechanisms
• Implementing OAuth Using JavaScript
• Implementing OAuth Using a Backend for Frontend
• Browser-Based Application Code Example
• Summary
• Chapter 14. User Authentication
• Modern Authentication Flows
• User Authentication Methods
• User Authentication Techniques
• User Authentication Lifecycle
• Zero Trust User Authentication Example
• Summary
• Index
• About the Authors