(Reading time : 2.5 min)
FileX is a smart file manager . Users can browse a file and upload to Google Drive through this application.
 |
| Fig 1.0 |
Once the user launches this application , it is required for them to log in using their Google Accounts to proceed . As shown in fig2.0 below ,then the user is prompt to input the credentials of the Google account.
 |
| Fig 2.0 |
 |
| Fig 3.0 |
Then the user is redirected to the next screen which is to browse for the file he needs to upload , as shown in fig 4.0 below.
 |
| Fig 4.0 |
From the file browser , the user can select a file of his choice to be uploaded to Google Drive . In this example , an image file named "Untitled" is being selected.
 |
| Fig 5.0 |
 |
| Fig 6.0 |
The uploaded file will then be available in Google drive
OAuth is a smart strategy which could be used to avoid exposing passwords of users to third party applications but still allow resource access to them . Instead of sharing passwords , OAuth uses an authorization token to prove the identity of a user within the service provider .
Authorization and Authentication are two buzzwords frequently heard in the secure software development domain. As illustrated in fig 9.0 above, Authorization refers to requesting permission to access a resource or to execute a certain process while Authentication is the process of verifying who the user is in order to distinguish which resources he has access to.
In a summary , FileX is a web application . It utilizes the OAuth framework to access resources through the Google Drive API.
 |
| Fig 7.0 |
What is behind FileX ?
FileX uses the OAuth2.0 an open-standard authorization framework which enables the applications to obtain access to resources belonging to user accounts upon HTTP services, such as Google and Facebook. This web application consumes the service of both an OAuth Authorization Server and an OAuth Resource Server .
The OAuth message flow defines four different roles :
The OAuth message flow defines four different roles :
- Resource Owner
- Client
- Resource Server
- Authorization Server
Resource Owner is basically the user who authorizes the application to access the resources belonging to their account . Based on the granted authorization , the access to the user's account is limited . Client here is the FileX web application . Google is considered as the Authorization Server and Google Drive API acts as the Resource Server.
 |
| Fig 9.0 Source :www.ssl2buy.com |
Authorization and Authentication are two buzzwords frequently heard in the secure software development domain. As illustrated in fig 9.0 above, Authorization refers to requesting permission to access a resource or to execute a certain process while Authentication is the process of verifying who the user is in order to distinguish which resources he has access to.
In a summary , FileX is a web application . It utilizes the OAuth framework to access resources through the Google Drive API.
Comments
Post a Comment