Measuring and Mitigating OAuth Access Token Abuse by Collusion Networks
We carried out a comprehensive measurement study to understand how collusion networks exploited popular third-party Facebook applications with weak security settings to retrieve OAuth access tokens.
Third-party Facebook applications gain restricted access to users' accounts using
... OAuth 2.0 provides two workflows to generate an access token: client-side ...