Web

Building OAuth 2.0 From Scratch in Go — Part 1: The Authorization Code Flow You’ve clicked “Log in with Google” a hundred times. This is what’s happening on the other side — built from scratch, in three small Go servers you can run yourself. Why build it instead of reading about it OAuth 2.0 has a reputation for being confusing, and I think the reason is that most explanations start with the vocabulary — “resource owner,” “bearer token,” “grant type” — before you have anything to hang it on. So I did the opposite: I built the whole thing. Three tiny Go programs, three roles, one flow, end to end. By the time the photos showed up in the browser, the vocabulary had explained itself. ...