1. 技术文章
  2. Forcing a user to choose an account via Google OAuth2

Forcing a user to choose an account via Google OAuth2

烈酒焚心 提交于 2020-01-21 04:10:27

问题


I have the following workflow in my application:

  1. user logs into my custom app
  2. user clicks a button to link their YouTube account
  3. application makes a server side request using the code listing below
  4. user is redirected to the google auth url

At this point, one of two things happens:

[I never want this behaviour] - If the user is logged into exactly one Google account (i.e. gmail, Google Apps for Domains, etc...) the user is never asked to choose which account to link. It just assumes they want to use the one they are logged into and goes upon its merry way.

[I always want this behaviour] - If the user is either not logged in to any Google accounts, or they are logged in to more than one Google account then they are asked to choose which account they'd like to proceed with.

Question: Is there a way for me to force the user to choose an account, even if the user is currently logged into a single Google account?

Code:

private def getFlow() = {
  if (flow == null) {
    logger.info("Using OAuth client secrets file: " + GoogleOAuthService.CLIENT_SECRETS_JSON)
    clientSecrets = GoogleClientSecrets.load(JacksonFactory.getDefaultInstance(),
      new InputStreamReader(getClass.getResourceAsStream(GoogleOAuthService.CLIENT_SECRETS_JSON)));
    redirectUri = clientSecrets.getDetails().getRedirectUris().get(0)
    flow = new GoogleAuthorizationCodeFlow.Builder(
      httpTransport, JacksonFactory.getDefaultInstance(), clientSecrets, SCOPES).setDataStoreFactory(
      dataStoreFactory).setAccessType("offline").setApprovalPrompt("force").build()
  }
  flow
}

def newAuthorizationUrl(userId: String) = {
  val urlRequest = getFlow().newAuthorizationUrl()

  urlRequest.setAccessType("offline")
   .setRedirectUri(redirectUri).setState(userId).build()
}

回答1:


I think you can add some parameter in the url to tell google to show the consent screen with the user accounts instead of assuming the default google account.

This can be done by adding prompt=select_account+consent ("+" is added as a part of url encoding) in the url.

I did not try this till now but maybe you can try.




回答2:


In the first comment, @Hans gave the correct link to the similar topic. However, if it doesnt help, then here is solution:

just add &prompt=consent parameter in requesting google's url.



来源:https://stackoverflow.com/questions/37711665/forcing-a-user-to-choose-an-account-via-google-oauth2

标签
google-oauth
google-oauth2
google-oauth-java-client
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!