### OAuth 1 { #oauth-1 }

過去有 OAuth 1，和 OAuth2 非常不同，也更複雜，因為它直接規範了如何加密通訊。

它現在並不流行，也很少被使用。

OAuth2 不規範通訊如何加密，而是假設你的應用會透過 HTTPS 提供服務。

/// tip | 提示
在部署相關章節中，你會看到如何使用 Traefik 與 Let's Encrypt 免費設定 HTTPS。
///

## OpenID Connect { #openid-connect }

OpenID Connect 是基於 **OAuth2** 的另一套規範。

它只是擴充了 OAuth2，釐清了 OAuth2 中相對模糊的部份，以提升互通性。

例如，Google 登入使用的是 OpenID Connect（其底層使用 OAuth2）。

		ACB_PWNOEXP                = 0x00000200, /* 1 = User password does not expire */
		ACB_AUTOLOCK               = 0x00000400, /* 1 = Account auto locked */
		ACB_ENC_TXT_PWD_ALLOWED    = 0x00000800, /* 1 = Encryped text password is allowed */
		ACB_SMARTCARD_REQUIRED     = 0x00001000, /* 1 = Smart Card required */
		ACB_TRUSTED_FOR_DELEGATION = 0x00002000, /* 1 = Trusted for Delegation */

import org.junit.runner.RunWith;
import javax.net.ssl.SSLHandshakeException;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;

/**
 * Let's Encrypt expiring root test.
 *
 * Read https://community.letsencrypt.org/t/mobile-client-workarounds-for-isrg-issue/137807
 * for background.
 */
@RunWith(AndroidJUnit4.class)
public class LetsEncryptTest {

/// tip | Dica

Na seção sobre **deployment** você irá ver como configurar HTTPS de modo gratuito, usando Traefik e Let’s Encrypt.

///

## OpenID Connect { #openid-connect }

OpenID Connect é outra especificação, baseada em **OAuth2**.

    }

    @Test
    @DisplayName("Test log encryption")
    void testLogEncryption() {
        logger.logEncryption(true, "AES-128-GCM", "SMB3.1.1");

        Map<EventType, Long> stats = logger.getStatistics();
        assertEquals(Long.valueOf(1), stats.get(EventType.ENCRYPTION_ENABLED), "Should have 1 encryption event");
    }

    @Test
    @DisplayName("Test log security violation")

		ACB_PWNOEXP                = 0x00000200, /* 1 = User password does not expire */
		ACB_AUTOLOCK               = 0x00000400, /* 1 = Account auto locked */
		ACB_ENC_TXT_PWD_ALLOWED    = 0x00000800, /* 1 = Encryped text password is allowed */
		ACB_SMARTCARD_REQUIRED     = 0x00001000, /* 1 = Smart Card required */
		ACB_TRUSTED_FOR_DELEGATION = 0x00002000, /* 1 = Trusted for Delegation */

Günümüzde pek popüler değildir veya pek kullanılmaz.

OAuth2 ise iletişimin nasıl şifreleneceğini belirtmez; uygulamanızın HTTPS ile sunulmasını bekler.

/// tip | İpucu

**deployment** bölümünde Traefik ve Let's Encrypt kullanarak ücretsiz şekilde HTTPS’i nasıl kuracağınızı göreceksiniz.

///

## OpenID Connect { #openid-connect }

OpenID Connect, **OAuth2** tabanlı başka bir spesifikasyondur.

        if (!validateConfiguration(context)) {
            context.logger.error(messageBuilderFactory
                    .builder()
                    .error("Maven Encryption is not configured, run `mvnenc init` first.")
                    .build());
            return ERROR;
        }
        return doExecute(context);
    }

     * Determines whether this session is currently in use.
     *
     * @return whether the session is in use
     */
    boolean isInUse();

    /**
     * Returns the current session key used for signing and encryption.
     *
     * @return the current session key
     * @throws CIFSException if the session key cannot be retrieved
     */
    byte[] getSessionKey() throws CIFSException;

    /**

    testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
    testInstrumentationRunnerArguments += mapOf(
      "notClass" to "org.conscrypt.KitKatPlatformOpenSSLSocketImplAdapter,org.bouncycastle.pqc.crypto.qtesla.QTeslaKeyEncodingTests"
    )
  }

  compileOptions {
    targetCompatibility(JavaVersion.VERSION_11)
    sourceCompatibility(JavaVersion.VERSION_11)
  }