3 Videos for OAuth2: Authorization Server OpenRedirect

In this video, we introduce the basics of OAuth2, explaining key terms such as Resource, Resource Owner, User-Agent, Resource Server, and Authorization Server, and delve into different OAuth2 flows such as the Authorization Code Grant and the Implicit Grant. We also discuss the intricacies and potential vulnerabilities within these flows.

This video introduces the OAuth2 authorization framework, explaining key components such as the Resource Owner, Resource Server, Authorization Server, and OAuth2 Client. We explore a practical example with a photo printing service and examine both the normal authorization flow and a potential attack exploiting the redirect URI vulnerability.

In this video, we cover the exploitation of OAuth2 within the authorization and authentication framework. We demonstrate how to manipulate OAuth2 parameters to redirect users to a malicious server and ultimately obtain the key for the exercise.