How can authorization be done on a local web app using Google?
I'm developing a (so far) intra-company website that needs authentication (i.e. a limited set of users are allowed to use it). I don't want to force the users to have a new username/password pair for only this service. The company already uses company-branded Google Mail for e-mail, so every user already has a Google account: my "cunning plan" is let Google authenticate the users.
I found this great question and answer so I know (or at least have an idea) on how to verify on the server side that the web session was authenticated by Google. What I don't know: how to get that accessToken on the client side? How to detect if the user already logged in to Google, and if not, how to present the Google login form to the user?
I found the Using OAuth 2.0 to Access Google APIs documentation, but I don't quite understand this sentence: "The authorization sequence begins when your application redirects a browser to a Google URL; the URL includes query parameters that indicate the type of access being requested.". What is this URL?
I'm fairly new to web development and JavaScript, unfortunately.
"The authorization sequence begins when your application redirects a browser to a Google URL; the URL includes query parameters that indicate the type of access being requested.".
Your application will need to open a webpage which will display a consent screen to the user. This page is opened on Googles identity server not your own. You have probably seen this before.
The url is built up using the client id and redirect URI that you set up on your project in the Google developer console.
https://accounts.google.com/o/oauth2/auth?client_id={clientid}.apps.googleusercontent.com&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/analytics.readonly&response_type=code
you might find this blog post interesting Google 3 Legged OAuth2 Flow
- Wrapping a wrapper of console log with correct file/line number?
- How to safely polyfill `console.log` without breaking line numbers?
- Harmony proxy, detect whether property was accessed or called
- chrome.runtime.onInstalled is undefined
- d3.js passing in dynamic variable name to d.properties method
- Smooth scroll does not work with transition animation
- How to Change Default Error Text in Yup/Formik?
- Using SplideJS arrows outside of splide
- How to add facebook share button on my website?
- How to combine the results of two observable in angular?
- Bootstrap 3 modal: make it movable/draggable without jquery-ui
- Make bootstrap modal draggable and keep background usable
- How can I fix this framework so the services can be defined in any order?
- How do you JSON.stringify an ES6 Map?
- JS Find indices of duplicate values in array if there are more than two duplicates
- Curly Brackets in Arrow Functions
- Mixed Content The page at was loaded over HTTPS but requested an insecure resource This request has been blocked the content must be served over HTTPS
- Reducing an array of objects in JS?
- React-Redux - No reducer provided for key "coins"
- SyntaxError: Unexpected token in JSON.parse - Invalid JSON format being sent in to the Backend
- How can I avoid state of "TypeError: can't access dead object" in my Firefox add-on?
- How to add Html Content to a new created Iframe in JS
- Efficiently rendering a large number of "select" elements
- How can I capitalize the first letter of each word in a string using JavaScript?
- Call custom hook only on the active component in the DOM
- Nodejs: get filename of caller function
- How do I fix this issue: "node_modules/expo/AppEntry.js: [BABEL]"?
- EventListener not being removed
- How to check if DST (Daylight Saving Time) is in effect, and if so, the offset?
- In React, does creating a click handler outside the JSX have any improvement on performance?