lock

SQL injection in Android content providers and how to be protected

If you are familiar with Android apps development, you have dealt with components for sure (although maybe you don’t know them with that name) and specifically, with content providers. In this post, I am going to talk about how to use SQL injection to access data provided by this kind of components and how to be protected against … Read more

autorización

OAuth2, authorization protocol

OAuth2 is a authorization protocol, that emerged from the Social Web. This allow users to authorize third parties to access their information without them having to know the user’s credentials. There are multiples entities involved in the OAuth2 flow: Resource owner: Entity that may grant access to protected resources. It may be an authorization of certain … Read more

refresh token autenticación JWT

Refresh token with JWT authentication in Node.js

When designing a web application, along with security authentication is one of the key parts. Authentication with tokens was a breakthrough in this regard, and the refresh token came to complement it and make it usable.   Authentication Authentication systems are divided according to how they verify the user: – Based on something known (password) – … Read more