I got some question about the OAuth2.0 process.
I would like to achieve something like Stack Log with google account
feature.
I'm using the PHP library from Google.
I'm ok retrieving the refresh token and the access token.
So far so good, my question is : when the user log out from my website and click the button again, how am I supposed to know who the user is to retrieve from DB the right refresh token ?
I thought about keeping the email in a cookie but StackOverflow doesn't seem to do that as I cleared my cookies but Stack keep connecting me as I click the button without showing back the "Application scope authorization" google page.
Am I missing something ? Is there an API allowing to get the user email without token ? Maybe RefreshToken should only be used with Mobile APP where you know the user?
What I want to achieve is relatively simple, the user click the sign-in, first time one has to approve the application. Once its done, I would like to automatically connect the user when the sign-in button is clicked.
Thanks for any information on that
The Automated Token Editor lets you add scripting to automate retrieval of OAuth 2 tokens, by creating javascript interactions with the authentication pages provided by the authentication server.
Make sure cookies are turned on. Some antivirus or related software may delete your cookies. If your cookies are turned on, clear your browser's cache. Note: While deleting your cookies may resolve the problem, it will also remove your saved settings for sites you've visited.
Google APIs use the OAuth 2.0 protocol for authentication and authorization. Google supports common OAuth 2.0 scenarios such as those for web server, client-side, installed, and limited-input device applications.
https://developers.google.com/accounts/docs/OAuth2Login describes just how to achieve sign-in using Google/ OAuth2.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With