DRD24. Do not bundle OAuth security-related protocol logic or sensitive data into a relying party's app
Under Construction
This guideline is under construction.
Noncompliant Code Example
This noncompliant code example shows an application that
Non-compliant code
TBD
Compliant Solution
In this compliant solution the application
Compliant code
TBD
Risk Assessment
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| DRD24 | Medium | Probable | No | No | P4 | L3 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
Bibliography
| [Chen OAuth 2014] | OAuth Demystified for Mobile Application Developers |
| | Internet Engineering Task Force (IETF). OAuth core 1.0 revision a. http://oauth.net/core/1.0a/ |
| | Internet Engineering Task Force (IETF). The OAuth 2.0 authorization framework. http://tools.ietf.org/html/rfc6749 |