How to reset google oauth 2.0 authorization?

谁说胖子不能爱 提交于 2020-01-27 06:13:11

问题


I'm using Google APIs Client Library for JavaScript (Beta) to authorize user google account on web application (for youtube manipulations). Everything works fine, but i have no idea how to "logout" user from my application, i.e. reset access tokens.

For example, following code checks user authorization and if not, shows popup window for user to log into account and permit web-application access to user data:

gapi.auth.authorize({client_id: CLIENT_ID, scope: SCOPES, immediate: false}, handleAuth);

But client library doesn't have methods to reset authorization.

There is workaround to redirect user to "accounts.google.com/logout", but this approach is not that i need: thus we logging user off from google account not only from my application, but also anywhere.

Google faq and client library description neither helpful.


回答1:


Try revoking an access token, that should revoke the actual grant so auto-approvals will stop working. I assume this will solve your issue.

https://developers.google.com/accounts/docs/OAuth2WebServer#tokenrevoke




回答2:


Its very simple. Just revoke the access.

void RevokeAcess()
{
    try{
    HttpClient client = new DefaultHttpClient();
    HttpPost post = new HttpPost("https://accounts.google.com/o/oauth2/revoke?token="+ACCESS_TOKEN);
    org.apache.http.HttpResponse response = client.execute(post);
    }
    catch(IOException e)
    {
    }
}

But it should be in asyncTask




回答3:


It depends what you mean by resetting authorization. I could think of a three ways of doing this:

  1. Remove authorization on the server
    Go to myaccount.google.com/permissions, find your app and remove it. The next time you try to sign in you have to complete full authorization flow with account chooser and consent screen.

  2. Sign out on the client
    gapi.auth2.getAuthInstance().signOut();
    In this way Google authorization server still remembers your app and the authorization token remains in browser storage.

  3. Sign out and disconnect
    gapi.auth2.getAuthInstance().signOut();
    gapi.auth2.getAuthInstance().disconnect();
    This is equivalent to (1) but on the client.




回答4:


Simply use: gapi.auth.setToken(null);



来源:https://stackoverflow.com/questions/15646235/how-to-reset-google-oauth-2-0-authorization

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!