The objective for this lab is:
This lab again reuses the virtual machine we've previously employed for experimenting with security-relevant software. To get your VM up and running again, you may want to look back at the first set of lecture notes and labs that involved use of the VM.
✏️ Task One (recommended) Confirm that you can produce equivalent results to those presented in the lecture notes in terms of developing your own Dropbox helper application. Experiment with different access scopes that can be selected within the Dropbox configuration for your helper application.
✏️
Task Two (optional) For more information about what talks to what, when, you can use the tcpflow-web.sh
script to listen to connections between your web browser and your Dropbox helper application.
✏️ Task Three (recommended) For the different steps of interaction between the software components that you have build with your Dropbox helper application, ensure that you can map each such step to the OAuth2 interaction figure that is within the lecture notes.
✏️ Task Four (optional) See if you can find another example of an OAuth2 extension framework that you can use in a similar manner to building a Dropbox application. What parts of the alternative helper application match that of Dropbox helper applications, and what parts are different?