I have the following workflow in my application:
At this point, one of two things happens:
[I never want this behaviour] - If the user is logged into exactly one Google account (i.e. gmail, Google Apps for Domains, etc...) the user is never asked to choose which account to link. It just assumes they want to use the one they are logged into and goes upon its merry way.
[I always want this behaviour] - If the user is either not logged in to any Google accounts, or they are logged in to more than one Google account then they are asked to choose which account they'd like to proceed with.
Question: Is there a way for me to force the user to choose an account, even if the user is currently logged into a single Google account?
Code:
private def getFlow() = {
  if (flow == null) {
    logger.info("Using OAuth client secrets file: " + GoogleOAuthService.CLIENT_SECRETS_JSON)
    clientSecrets = GoogleClientSecrets.load(JacksonFactory.getDefaultInstance(),
      new InputStreamReader(getClass.getResourceAsStream(GoogleOAuthService.CLIENT_SECRETS_JSON)));
    redirectUri = clientSecrets.getDetails().getRedirectUris().get(0)
    flow = new GoogleAuthorizationCodeFlow.Builder(
      httpTransport, JacksonFactory.getDefaultInstance(), clientSecrets, SCOPES).setDataStoreFactory(
      dataStoreFactory).setAccessType("offline").setApprovalPrompt("force").build()
  }
  flow
}

def newAuthorizationUrl(userId: String) = {
  val urlRequest = getFlow().newAuthorizationUrl()
  urlRequest.setAccessType("offline")
    .setRedirectUri(redirectUri).setState(userId).build()
}
The redirect URIs are the endpoints to which the OAuth 2.0 server can send responses. These endpoints must adhere to Google's validation rules. For testing, you can specify URIs that refer to the local machine, such as http://localhost:8080.
Google APIs use the OAuth 2.0 protocol for authentication and authorization. Google supports common OAuth 2.0 scenarios such as those for web server, client-side, installed, and limited-input device applications.
OAuth 2.0 allows users to share specific data with an application while keeping their usernames, passwords, and other information private. For example, an application can use OAuth 2.0 to obtain permission from users to store files in their Google Drives. This OAuth 2.0 flow is called the implicit grant flow.
I think you can add some parameter in the URL to tell Google to show the consent screen with the user accounts instead of assuming the default Google account.
This can be done by adding prompt=select_account+consent ("+" is added as a part of URL encoding) in the URL.
I did not try this till now but maybe you can try.
In the first comment, @Hans gave the correct link to the similar topic. However, if it doesn't help, then here is the solution: just add the &prompt=consent parameter in requesting Google's URL.
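The parameter change suggested in the answers above, as an added example that is not part of the original posts: it rewrites an authorization URL so that `prompt` is set and the legacy `approval_prompt` (which the question's flow sets to "force") is dropped, since Google rejects requests that carry both. The names `AccountChooserUrl` and `withPrompt` and the sample URL are hypothetical; only the JDK is used.

```scala
import java.net.{URI, URLDecoder, URLEncoder}
import java.nio.charset.StandardCharsets.UTF_8

object AccountChooserUrl {
  // Values Google documents for the OAuth 2.0 `prompt` parameter.
  private val AllowedPrompts = Set("none", "consent", "select_account")

  // URLEncoder writes a space as "+", which is the "+" mentioned in the answer.
  private def enc(s: String): String = URLEncoder.encode(s, UTF_8.name)
  private def dec(s: String): String = URLDecoder.decode(s, UTF_8.name)

  /** Returns `authUrl` with `prompt` set and any `prompt`/`approval_prompt` removed. */
  def withPrompt(authUrl: String, prompts: Seq[String]): String = {
    require(prompts.nonEmpty && prompts.forall(AllowedPrompts),
      s"unsupported prompt value in: $prompts")
    require(!(prompts.contains("none") && prompts.size > 1),
      "prompt=none must not be combined with other values")

    val uri = new URI(authUrl)
    // Decode the existing query into key/value pairs, keeping their order.
    val kept = Option(uri.getRawQuery).toSeq
      .flatMap(_.split("&").toSeq)
      .filter(_.nonEmpty)
      .map { pair =>
        val Array(k, v) = (pair.split("=", 2) :+ "").take(2)
        dec(k) -> dec(v)
      }
      .filterNot { case (k, _) => k == "prompt" || k == "approval_prompt" }

    // Multiple prompt values are space-delimited before encoding.
    val query = (kept :+ ("prompt" -> prompts.mkString(" ")))
      .map { case (k, v) => s"${enc(k)}=${enc(v)}" }
      .mkString("&")

    // Authorization URLs carry no fragment, so none is re-emitted.
    s"${uri.getScheme}://${uri.getRawAuthority}${uri.getRawPath}?$query"
  }

  def main(args: Array[String]): Unit = {
    // Constructed sample: the kind of URL the question's flow would build.
    val original = "https://accounts.google.com/o/oauth2/auth" +
      "?client_id=CLIENT_ID_PLACEHOLDER&redirect_uri=http%3A%2F%2Flocalhost%3A8080" +
      "&response_type=code&access_type=offline&approval_prompt=force&state=user-123"
    println(withPrompt(original, Seq("select_account", "consent")))
  }
}
```

With the Google client library used in the question, the same effect comes from calling `.setApprovalPrompt(null).set("prompt", "select_account consent")` on the object returned by `newAuthorizationUrl()` before `build()`.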