堆栈内存溢出
  简体   繁体   English

适用于iOS的Google+一次性授权码

[英]Google+ one-time authorization code for iOS

 原文  2014-02-19 12:20:18       android/ ios/ objective-c/ oauth-2.0/ google-api

问题描述

According to Google one-time authorization code flow is the most secure way for using Google Plus API in multiclient applications, On Google Developers site there are tutorials to implement this on Android and PHP ( https://developers.google.com/accounts/docs/CrossClientAuth ) but not in iOS. 根据Google的一次性授权代码流,这是在多客户端应用程序中使用Google Plus API的最安全方式。在Google Developers网站上,有一些教程可以在Android和PHP上实现此功能( https://developers.google.com/accounts/ docs / CrossClientAuth ),但不适用于iOS。

Does anyone have successfully implemented one-time authorization code flow in iOS ? 是否有人在iOS中成功实现了一次性授权代码流?

Any idea? 任何想法? Thanks. 谢谢。

2 个解决方案

解决方案1
 0  2014-02-19 12:47:43

I have currently use following URL for integration google+ login and post data on google+ 我目前使用以下URL集成google +登录并在google +上发布数据

https://developers.google.com/+/mobile/ios/sign-in https://developers.google.com/+/mobile/ios/sign-in

解决方案2
 0  2014-02-26 17:06:43

According to Google's document about verifying client-side tokens on the server , you cannot use one-time-code flow when authenticating on an iOS app: 根据Google的有关在服务器上验证客户端令牌的文档 ,在iOS应用上进行身份验证时,您不能使用一次性代码流:

The following are common situations where you might send tokens to your server: 在以下常见情况下,您可能会向服务器发送令牌:

  • Sending ID tokens with requests that need to be authenticated. 发送带有需要验证的请求的ID令牌。 The ID tokens tell you the particular user making the request and for which client that ID token was granted. ID令牌告诉您发出请求的特定用户,以及该ID令牌是为哪个客户端授予的。
  • Sending ID tokens that contain OpenID 2.0 identifiers (openid_id) that need to be mapped to the Google+ ID (sub). 正在发送包含需要映射到Google+ ID(子)的OpenID 2.0标识符(openid_id)的ID令牌。
  • Sending client-side access tokens to the server so that the server can make requests to the Google APIs and when the one-time-code flow is not available. 将客户端访问令牌发送到服务器,以便服务器可以在一次代码流不可用时向Google API发出请求。 For example, if your iOS app has a back-end server that needs to request data from the APIs and then background process it on behalf of the client . 例如,如果您的iOS应用有一个后端服务器,需要从API请求数据,然后代表客户端对其进行后台处理

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 获取Google一次性授权码 - Getting Google one-time authorization code Google+登录-具有一次性代码的安全性 - Google+ Sign In - Security with one-time code 在Android上重新使用Google+的“一次性授权码” - Regeneration of “one time authorization code” for Google+ on Android Android Google+授权 - android google+ authorization 来自GoogleAuthUtil.getToken的一次性身份验证代码的Google API无效授权 - Google API Invalid grant on one-time auth code from GoogleAuthUtil.getToken PHP一次性密码? - PHP one-time password? 不同的一次性屏幕 - Different One-time screens 使用Google Play应用内结算进行一次性购买的计时赛 - Time trial for one-time purchases with Google Play In-App Billing 通过Android应用中的Google+授权 - Authorization through Google+ in Android App 无法通过适用于Android的Google+登录获取授权码:INVALID_SCOPE - Unable to get Authorization Code with Google+ Sign-in for Android: INVALID_SCOPE
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM