Read: Class 12 OAuth - Goorob-401-advanced-javascript/amman-javascript-401d1 GitHub Wiki
OAuth 2.0:
How does OAuth work?
The process of authentication and access:
- Application spawns the “Login Using xxx” window, asking for specific permissions
- User agrees to allow this to happen
- Remote service (e.g. Google) contacts the application with a one-time-use Code
- The application calls back to a special address on the remote service to exchange that Code for a Token
- Once the token has been granted, the application can contact the remote service, using that Token to access information on behalf of the user
Access Code:
First the client needs to grant the application permission. To do this you need to provide an anchor tag (<a>) that will take them to the service’s authorization page. This tag should pass the following information through a query string to the authorization server. Every service differs slightly in its specific requirements, but in some form or another, variables like these are part of this initial request:
- response_type=code indicates that your server wants to receive an authorization code
- client_id= tells the authorization server which app the user is granting access to
- redirect_uri= tells the auth server which server endpoint to redirect to
- scope= tells the auth server what you want the user to give access to
- state= a place where you can store info to pass to your server if you want
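The first steps of the flow above and the five query parameters, as an added example that is not part of the original wiki: it builds the authorization link and checks the redirect that comes back, using `state` as an unguessable single-use value so a callback the app did not start is rejected (the CSRF defence described in RFC 6749, section 10.12). The endpoint, client id, redirect URI, scope and function names are constructed placeholders, and the in-memory `pendingStates` map stands in for storage that a real app would tie to the user's session.

```javascript
// Added example, not from the original wiki. All names and URLs are constructed.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const pendingStates = new Map(); // state -> expiry timestamp (ms)
const STATE_TTL_MS = 10 * 60 * 1000;

// Generate an unguessable, single-use state value and remember it.
function issueState(now = Date.now()) {
  const bytes = webcrypto.getRandomValues(new Uint8Array(32));
  const state = Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
  pendingStates.set(state, now + STATE_TTL_MS);
  return state;
}

// Build the href for the "Login Using xxx" link from the five parameters.
function buildAuthorizationUrl(authEndpoint, { clientId, redirectUri, scope }, state) {
  const url = new URL(authEndpoint);
  url.search = new URLSearchParams({
    response_type: 'code',
    client_id: clientId,
    redirect_uri: redirectUri,
    scope,
    state,
  }).toString();
  return url.toString();
}

// Handle the redirect back: accept the code only if the state was issued by
// this app, has not expired, and has not been used before.
function readCallback(callbackUrl, now = Date.now()) {
  const params = new URL(callbackUrl).searchParams;
  const state = params.get('state');
  const code = params.get('code');
  const expiry = state ? pendingStates.get(state) : undefined;
  if (state) pendingStates.delete(state); // single use, even on failure
  if (expiry === undefined) return { ok: false, reason: 'unknown_state' };
  if (now > expiry) return { ok: false, reason: 'expired_state' };
  if (!code) return { ok: false, reason: 'missing_code' };
  return { ok: true, code }; // next step: exchange the code for a token
}

// Constructed sample configuration.
const config = {
  clientId: 'example-client-id',
  redirectUri: 'https://app.example/oauth/callback',
  scope: 'read:user',
};
```
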