[英]Google+ API sign in for both Android app and server
My app has an Android client communicating with my own back-end server. 我的应用程序有一个与我自己的后端服务器通信的Android客户端。 I want to use the Google API to handle the user authorisation for me (using a Google+ account), so that the user does not need to sign up for a separate account for my app.
我想使用Google API为我处理用户授权(使用Google+帐户),因此用户无需为我的应用注册单独的帐户。
By following the documentation in https://developers.google.com/+/web/signin/server-side-flow , my understanding of the authentication flow is shown below. 通过遵循https://developers.google.com/+/web/signin/server-side-flow中的文档,我对身份验证流程的理解如下所示。 I am not sure it is correct, because it sounds like hijacking the Google API for my purpose.
我不确定它是否正确,因为听起来像是出于我的目的劫持了Google API。
Especially, I am doubtful about the point 3. I exchange the access code for the Google refresh token and access token, but I never use them. 特别是,我对第3点表示怀疑。我将访问代码交换为Google刷新令牌和访问令牌,但是我从未使用过它们。 The purpose of the exchange is just to check whether the user has been authorised by Google.
交换的目的只是检查用户是否已获得Google的授权。 Does it sound quite correct?
听起来很正确吗? If not, what is the good way to do it?
如果没有,什么是好的方法?
After you receive access_token on your server, execute the cURL/network request to the Google server. 在服务器上收到access_token后,请向Google服务器执行cURL / network请求。
For example (in PHP): 例如(在PHP中):
<?php
$access_token = $_GET['access_token']; // Get the access token
$google_api_url = "https://www.googleapis.com/plus/v1/people/me?access_token=". $access_token; // Create Google API URL with access_token
$c = curl_init($google_api_url); // Create network request to the Google server
curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($c); // Execute request and get the response from th Google server
var_dump($result); // Print the result
RESULT OUTPUT (in JSON): 结果输出(以JSON格式):
If access_token is valid 如果access_token 有效
{
"kind": "plus#person",
"gender": "male",
"emails": [
{
"value": "arr.mohd@gmail.com",
"type": "account"
}
],
"objectType": "person",
"id": "101571740244190011262",
"displayName": "Rafique Mohammed",
"name": {
"familyName": "Mohammed",
"givenName": "Rafique"
},
"url": "https://plus.google.com/101571740244190011262",
"image": {
"url": "https://lh6.googleusercontent.com/-pxiRX5gNkWE/AAAAAAAAAAI/AAAAAAAAAEg/99WWMsH16P8/photo.jpg?sz=50",
"isDefault": false
},.... //etc
If access_token is invalid 如果access_token 无效
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Invalid Credentials"
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.