
Commit 53bec7e

Update about oauth
1 parent 652f0e4 commit 53bec7e

2 files changed

+45
-1
lines changed

README.md

+2-1
@@ -201,7 +201,8 @@
201201
* ํŒจ์Šค์›Œ๋“œ ์•”ํ˜ธํ™” ๋ฐฉ๋ฒ•
202202
* SQL Injection ๊ณต๊ฒฉ
203203
* CSRF ๊ณต๊ฒฉ
204-
* XSS ๊ณต๊ฒฉ
204+
* XSS ๊ณต๊ฒฉ
205+
* OAuth
205206

206207
## 11. ETC
207208
:arrow_forward: [๋‹ต๋ณ€ ๋‚ด์šฉ](/contents/etc.md)
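
Review bot: Old line 204 of README.md is removed and re-added as new line 204 with the same visible text, so the only new content in this hunk is the `* OAuth` entry at new line 205. A remove/re-add with no visible difference usually points to a whitespace-only change (a trailing space or the end-of-line state of the old line); restoring the original line would reduce the diff to the single added entry.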

contents/security.md

+43
@@ -6,6 +6,7 @@
66
- [SQL Injection ๊ณต๊ฒฉ](#sql-injection-๊ณต๊ฒฉ)
77
- [CSRF ๊ณต๊ฒฉ](#csrf-๊ณต๊ฒฉ)
88
- [XSS ๊ณต๊ฒฉ](#xss-๊ณต๊ฒฉ)
9+
- [OAuth](#oauth)
910

1011
---
1112

@@ -124,6 +125,48 @@
124125
> :arrow_double_up:[Top](#9-security) :leftwards_arrow_with_hook:[Back](https://github.com/WeareSoft/tech-interview#9-security) :information_source:[Home](https://github.com/WeareSoft/tech-interview#tech-interview)
125126
> - []()
126127
128+
### OAuth
129+
#### OAuth ๊ฐœ๋…
130+
- ์‚ฌ์šฉ์ž๊ฐ€ ์–ด๋–ค ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜์„ ์ด์šฉํ•  ๋•Œ, ๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ ์ž…๋ ฅํ•˜์ง€ ์•Š๊ณ  OAuth๋ฅผ ์ œ๊ณตํ•˜๋Š” ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜์˜ ๊ณ„์ • ์ •๋ณด๋ฅผ ๊ณต์œ ํ•˜์—ฌ ์ ‘๊ทผ ๊ถŒํ•œ์„ ๋ถ€์—ฌํ•  ์ˆ˜ ์žˆ๋Š” ์ˆ˜๋‹จ
131+
- OAuth๊ฐ€ ์‚ฌ์šฉ๋˜๊ธฐ ์ „์—๋Š” ๋ณด์•ˆ์ด ์ทจ์•ฝํ•œ ๊ตฌ์กฐ
132+
- ๊ฐ ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜์ด๋‚˜ ์›น ์‚ฌ์ดํŠธ๋งˆ๋‹ค ๊ฐœ๋ณ„์ ์ธ ์ธ์ฆ ๋ฐฉ์‹์œผ๋กœ ์•„์ด๋””์™€ ๋น„๋ฐ€๋ฒˆํ˜ธ๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ๋กœ๊ทธ์ธ
133+
- OAuth๋Š” ์ œ๊ฐ๊ฐ์ธ ์ธ์ฆ๋ฐฉ์‹์„ ํ‘œ์ค€ํ™”ํ•œ ๊ฒƒ
134+
- ์ธ์ฆ์„ ๊ณต์œ ํ•˜๋Š” ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜๋ผ๋ฆฌ๋Š” ๋ณ„๋„ ์ธ์ฆ๊ณผ์ • ๋ถˆํ•„์š”
135+
- '์ธ์ฆ(Authentication)' ํ”„๋กœํ† ์ฝœ์ด ์•„๋‹Œ **'์ธ๊ฐ€(Authorization)' ํ”„๋กœํ† ์ฝœ**
136+
- ์ธ์ฆ : ์ ‘๊ทผ ๊ฐ€๋Šฅํ•จ์„ ํ™•์ธํ•˜๋Š” ๊ณผ์ •
137+
- ์ธ๊ฐ€ : ํ—ˆ๊ฐ€, ์ ‘๊ทผ ๊ถŒํ•œ์„ ๊ด€๋ฆฌ
138+
- ์‚ฌ์šฉ์ž์˜ ํ™•์ธ(์ธ์ฆ) ๊ณผ์ •์„ ํ†ตํ•ด ๊ถŒํ•œ์„ ๋ถ€์—ฌ(์ธ๊ฐ€)
139+
140+
#### OAuth ๊ด€๋ จ ์šฉ์–ด
141+
- ์‚ฌ์šฉ์ž
142+
- '์„œ๋น„์Šค ์ œ๊ณต์ž'์™€ '์†Œ๋น„์ž'๋ฅผ ์‚ฌ์šฉํ•˜๋Š” ๊ณ„์ •์„ ๊ฐ€์ง€๊ณ ์žˆ๋Š” ๊ฐœ์ธ
143+
- ์„œ๋น„์Šค ์ œ๊ณต์ž
144+
- OAuth๋ฅผ ํ†ตํ•œ ์ ‘๊ทผ์„ ์ง€์›ํ•˜๋Š” ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜(Open API ์ œ๊ณต ์„œ๋น„์Šค)
145+
- ๋Œ€ํ‘œ์ ์œผ๋กœ ๊ตฌ๊ธ€, ๋„ค์ด๋ฒ„, ์นด์นด์˜ค, ํŽ˜์ด์Šค๋ถ ๋“ฑ
146+
- ์†Œ๋น„์ž
147+
- Open API๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ๊ฐœ๋ฐœ๋œ OAuth๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ '์„œ๋น„์Šค ์ œ๊ณต์ž'์—๊ฒŒ ์ ‘๊ทผํ•˜๋Š” ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜
148+
- ์†Œ๋น„์ž ๋น„๋ฐ€๋ฒˆํ˜ธ
149+
- '์„œ๋น„์Šค ์ œ๊ณต์ž'์—์„œ ์†Œ๋น„์ž๊ฐ€ ์ž์‹ ์ž„์„ ์ธ์ฆํ•˜๋Š” ํ‚ค
150+
- ์š”์ฒญ ํ† ํฐ
151+
- '์†Œ๋น„์ž'๊ฐ€ '์‚ฌ์šฉ์ž'์˜ ์ ‘๊ทผ ๊ถŒํ•œ์„ ์ธ์ฆ๋ฐ›๊ธฐ ์œ„ํ•ด ํ•„์š”ํ•œ ์ •๋ณด
152+
- ์ดํ›„ '์ ‘๊ทผ ํ† ํฐ'์œผ๋กœ ๋ณ€๊ฒฝ
153+
- ์ ‘๊ทผ ํ† ํฐ
154+
- ์ธ์ฆ ํ›„์— '์‚ฌ์šฉ์ž'๊ฐ€ '์„œ๋น„์Šค ์ œ๊ณต์ž'๊ฐ€ ์•„๋‹Œ '์†Œ๋น„์ž'๋ฅผ ํ†ตํ•ด ๋ณดํ˜ธ๋œ ์ž์›์— ์ ‘๊ทผํ•˜๊ธฐ ์œ„ํ•œ ํ‚ค๋ฅผ ํฌํ•จํ•œ ๊ฐ’
155+
156+
#### ๊ณผ์ •
157+
- '์†Œ๋น„์ž'์™€ '์„œ๋น„์Šค ์ œ๊ณต์ž' ๊ฐ„์— OAuth ๊ณผ์ • ์ง„ํ–‰
158+
1. ์†Œ๋น„์ž๊ฐ€ ์„œ๋น„์Šค ์ œ๊ณต์ž์—๊ฒŒ '์š”์ฒญ ํ† ํฐ'์„ ์š”์ฒญ
159+
2. ์„œ๋น„์Šค ์ œ๊ณต์ž๊ฐ€ ์†Œ๋น„์ž์—๊ฒŒ '์š”์ฒญ ํ† ํฐ' ๋ฐœ๊ธ‰
160+
3. ์†Œ๋น„์ž๊ฐ€ ์‚ฌ์šฉ์ž๋ฅผ ์„œ๋น„์Šค ์ œ๊ณต์ž์—๊ฒŒ ์ด๋™์‹œํ‚ค๊ณ , ์ด ๊ณผ์ •์—์„œ ์‚ฌ์šฉ์ž ์ธ์ฆ ์ˆ˜ํ–‰(์ธ์ฆ, Authentication)
161+
4. ์‚ฌ์šฉ์ž ์ธ์ฆ ํ›„, ์„œ๋น„์Šค ์ œ๊ณต์ž๊ฐ€ ์‚ฌ์šฉ์ž๋ฅผ ์†Œ๋น„์ž๋กœ ์ด๋™
162+
5. ์†Œ๋น„์ž๊ฐ€ '์ ‘๊ทผ ํ† ํฐ' ์š”์ฒญ
163+
6. ์„œ๋น„์Šค ์ œ๊ณต์ž๊ฐ€ '์ ‘๊ทผ ํ† ํฐ' ๋ฐœ๊ธ‰(๊ถŒํ•œ ๋ถ€์—ฌ, Authorization)
164+
7. ์†Œ๋น„์ž๋Š” '์ ‘๊ทผ ํ† ํฐ'์„ ์‚ฌ์šฉํ•˜์—ฌ ์‚ฌ์šฉ์ž ์ •๋ณด์— ์ ‘๊ทผ ๊ฐ€๋Šฅ
165+
166+
> :arrow_double_up:[Top](#9-security) :leftwards_arrow_with_hook:[Back](https://github.com/WeareSoft/tech-interview#9-security) :information_source:[Home](https://github.com/WeareSoft/tech-interview#tech-interview)
167+
> - [OAuth](https://ko.wikipedia.org/wiki/OAuth)
168+
169+
127170
---
128171

129172
## Reference
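
Review bot: The terms at new lines 140-154 and the seven steps at new lines 158-164 describe the OAuth 1.0 flow (a request token issued first and later exchanged for an access token, plus a consumer secret), while the headings at new lines 128-129 say only "OAuth". OAuth 2.0 has no request token and names the roles differently, so state in the heading or the first bullet that this section covers OAuth 1.0. Separately, the heading at new line 156 drops the "OAuth" prefix that the sibling headings at new lines 129 and 140 carry; keeping the prefix would give it a distinct anchor within the file.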
