oauth2:注销当前登录的google用户,然后从我的应用发送oauth网址
[英]oauth2: Logoff currently logged in google user and then send the oauth url from my app
问题描述
Say user1 has logged into his gmail account on my phones chrome browser. 
假设user1已在我的手机chrome浏览器中登录了他的gmail帐户。 Im writing an android app using google rest api's and the pre-requisite is an oauth2 authorization. 我使用google rest api编写了一个Android应用,前提是必须具备oauth2授权。 If i send the authorization url from my app to be opened in the browser then the user1's account is assumed to be authenticated and the authrization page (with Allow/Deny) buttons are shown. 如果我从我的应用程序发送要在浏览器中打开的授权URL,则假定user1的帐户已通过身份验证,并显示“身份验证”页面(带有“允许/拒绝”)按钮。 How can i programatically, logoff the existing user and then send the oauth2 url from my app so that the user explicitly enters his credentials and also grants the oauth access to my app. 我如何以编程方式注销现有用户,然后从我的应用程序发送oauth2网址,以便该用户明确输入其凭据,并向我的应用程序授予oauth访问权限。
I tried logging off with the follwoing but not successful... 我尝试注销但未成功...
1) https://www.google.com/accounts/logoff?continue=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=http%3A%2F%2Flocalhost%3A8080&prompt=consent&response_type=code&client_id=blah-blah-blah "&scope="blah blah" 1) https://www.google.com/accounts/logoff?continue=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=http%3A%2F%2Flocalhost%3A8080&prompt=consent&response_type= code&client_id = blah-blah-blah “&scope =” blah blah“
2) https://accounts.google.com/logoff?continue=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=http%3A%2F%2Flocalhost%3A8080&prompt=consent&response_type=code&client_id=blah-blah-blah "&scope="blah blah" 2) https://accounts.google.com/logoff?continue=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=http%3A%2F%2Flocalhost%3A8080&prompt=consent&response_type=code&client_id= blah-blah-blah “&scope =” blah blah“
In options 2 and 3, i get a http 400 error that "response_type" is missing but its present in the url that i sent. 在选项2和3中,我收到一个http 400错误,“ response_type”丢失了,但它存在于我发送的url中。
Basically my intention is to log off the existing google user and explicitly make the user of my app to sign in to his credentials, so that the oauth2 is done only for his account and not for others (by mistake). 基本上,我的意图是注销现有的google用户,并明确使我的应用程序的用户登录其凭据,以便仅针对其帐户而不对其他帐户(错误地)执行oauth2。
1 个解决方案
解决方案1
2 2017-09-08 07:20:07
I added the parameter "prompt=select_account+consent" to the http request and it worked for me. 我在http请求中添加了参数“ prompt = select_account + consent”,它对我有用。 Irrespective of the current user who is logged into the browser, the login screen is shown for the user. 无论当前登录到浏览器的用户如何,都会显示该用户的登录屏幕。
https://accounts.google.com/o/oauth2/v2/auth?prompt=select_account+consent https://accounts.google.com/o/oauth2/v2/auth?prompt=select_account+consent
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.