php - Save OAuth WRAP access tokens directly on client machine in a cookie? -


I am planning to set up a website that can access an ohth wrap framework. I was thinking of storing an access token on the client machine, as it is. I do not want to maintain the database of temporary tokens etc on the server.

What should I do? Or should I encrypt it?

First of all, why are not they using Oath 2.0 ...

< P> You can store OAuth credentials in a cookie or better yet, HTML5 local storage. It should be encrypted so that only the server has access to this cookie and can only use the server token. Also, it should be a safe cookie to prevent it from leaking. Make at least one of these two (secure, encrypt).

But keep in mind that cookies can be lost, and if users enter your site, then it will not work from other machines.

>

Comments

Popular posts from this blog

c# - sqlDecimal to decimal clr stored procedure Unable to cast object of type 'System.Data.SqlTypes.SqlDecimal' to type 'System.IConvertible' -

Calling GetGUIThreadInfo from Outlook VBA -

Obfuscating Python code? -