PHP Google+ Plaform server side user verification and get access token
Question
I'm using the Google+ Platform on my android app with PlusClient and all that good stuff.
When the user signs in he can interact with my PHP server to get some content, but on every request i want to verify if the user is who he says he is.
For that purpose, on every PHP request i ask for the id and access token so that i can call " https://www.googleapis.com/oauth2/v1/tokeninfo?access_token= $accessToken" and check if the id is the same as on the access token.
Is this a valid server-side user auth verification method? If not, what is the best approach?
My other question is how do i get the access token when i connect with the PlusClient to send to the PHP server? Do i have to call the GoogleAuthUtil.getToken?
1 answers
solution1
2 ACCPTED 2013-05-09 19:06:50
YES, you'll need to use GoogleAuthUtil.getToken
That's actually what the PhotoHunt Android sample app do.
You just have to copy/paste the source code from https://developers.google.com/+/photohunt/android#authenticating_with_photohunt
sAccessToken = GoogleAuthUtil.getToken(ctx, account, "oauth2:" + Scopes.PLUS_LOGIN + " " + Scopes.PLUS_PROFILE);
Hope it helps
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.