Oauth2 flow without redirect_uri

后端未结

关注

 5  1500

北海茫月 2021-01-05 06:15

I am creating an Android/iOS app which communicates with a Node.js server and would like to identify them securely on my server using Google (and/or Facebook) and OAuth2. I\

5条回答

孤城傲影 (楼主)

2021-01-05 06:59
I had this problem and it took me ages to find the "postmessage" solution that Nepoxx mentions in the comments of the accepted answer here.

For clarification, here's what worked for me.
1. Follow steps 1-6 here: https://developers.google.com/identity/sign-in/web/server-side-flow
2. Install googleapis library npm install --save googleapis
3. For the server-side token exchange do this:
```
    var googleapis = require('googleapis');
    var OAuth2 = googleapis.auth.OAuth2;

    var oauth2Client = new OAuth2(
       GOOGLE_SSO_CLIENT_ID,
       GOOGLE_SSO_CLIENT_SECRET,
       'postmessage' // this is where you might otherwise specifiy a redirect_uri
    );

    oauth2Client.getToken(CODE_FROM_STEP_5_OF_INSTRUCTIONS, function(err, tokens) {
       // Now tokens contains an access_token and an optional refresh_token. Save them.
    });
```
0 讨论(0)

查看其它5个回答
发布评论:

提交评论
- 加载中...