Protocols

OAuth 2.0 - RFC 6749 and Google Identity implementation (hands-on)

This is my memo while learning OAuth 2.0. RFC 6749 https://tools.ietf.org/html/rfc6749 1.1 (Entities and) Roles Client: An application making protected resource requests on behalf of the resource owner and with its authorization. Resource owner: An entity capable of granting access to a protected resource. When the resource owner is a person, it is referred to as an end-user. Resource server: The server hosting the protected resources, capable of accepting and responding to protected resource requests using access tokens.

DNS-01 challenge (Let's Encrypt)

I followed this post. cf) DNS-01 Challenge: https://letsencrypt.org/de/docs/challenge-types/. Check the certificate certbot certificates Create a new certificate Prepare E-mail address for notifications from Let’s Encrypt (in followin case foo@bar.com). You should be ables to change the DNS records (TXT records) of the domain. Create the certificate certbot --manual --preferred-challenges dns certonly \ -d yourwebsite.com \ -d www.yourwebsite.com \ # SAN in the certificate Here is the sample messages.

Cache (HTTP)

What is the Cache Cache is temporarily stored data. This is a general concept, and I think this is why many developers struggle with it a lot. Because Cache is temporary data, we should think where and how long to store the data. Where are the data stored There are several locations where we can save cache data. The most common place is the browser in a client. Not only client sides but also server sides (origin servers) can hold a cache.