Update OAuth2.md

This commit is contained in:
Ste Vaidis 2024-12-15 12:50:33 +02:00
parent 5a762a2de4
commit 073823bd7d


@ -8,10 +8,10 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr
### OAuth2 Standar Flow: ### OAuth2 Standar Flow:
1. **User clicks** "Login with Google" on your platform `xorismesiti.gr` 1. **User** clicks button "Login with Google" on your platform `xorismesiti.gr`
2. **Authorization Request**: Redirect to Google's authorization endpoint `accounts.google.com/o/oauth2` 2. **Authorization Request**: Button redirects user to Google's authorization endpoint `accounts.google.com/o/oauth2`
3. **User Login and Consent**: User login to Google and grants permissions. 3. **User Login and Consent**: User login to Google and grants permissions.
4. **Authorization Code Response**: Google redirects back to your app `xorismesiti.gr/callback` with an authorization `code`. 4. **Authorization Code Response**: Google redirects user back to your app `xorismesiti.gr/callback` with an authorization `code`.
5. **Access Token Request**: App exchanges the authorization `code` for an `access_token`. 5. **Access Token Request**: App exchanges the authorization `code` for an `access_token`.
6. **Access Protected Resources**: App uses the `access_token` to fetch the user's Google profile and email from `googleapis.com/oauth2` 6. **Access Protected Resources**: App uses the `access_token` to fetch the user's Google profile and email from `googleapis.com/oauth2`
7. **Token Refresh** (Optional): If the `access_token` expires, app uses the `refresh token` to get a new `access_token`. 7. **Token Refresh** (Optional): If the `access_token` expires, app uses the `refresh token` to get a new `access_token`.
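Review bot: "Standar Flow" in the heading is a typo in both the old and the new text; this hunk rewrites the heading line, so fix it to "OAuth2 Standard Flow" here. Step 3 still reads "User login to Google", which should be "User logs in to Google" (the new column keeps the old grammar). Step 7 writes `refresh token` with a space while every other token name on the page uses the underscore form (`access_token`); use `refresh_token` for consistency so readers do not take it for a different parameter name.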
@ -19,15 +19,15 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr
### OAuth2 Frontend/`Backend Flow: ### OAuth2 Frontend/`Backend Flow:
**Frontend** **Frontend**
1. **Redirect** the user to Google's OAuth authorization endpoint. 1. **Redirect** the user to Google's OAuth authorization endpoint `accounts.google.com/o/oauth2`
2. **Get** the authorization `code` after Google redirects back to the frontend. 2. **Get** the authorization `code` after Google redirects back to the frontend `xorismesiti.gr/callback`
3. **Send** the authorization `code` to the backend for `token` exchange. 3. **Send** the authorization `code` to the backend for `token` exchange.
**Backend** **Backend**
1. **exchange** the authorization `code` for an `access_token` and `refresh token` 1. **exchange** the authorization `code` for an `access_token` and `refresh token`
2. **fetch** user profile data from Google (or other resources) using the `access_token` 2. **fetch** user profile data from from `googleapis.com/oauth2` using the `access_token`
3. **Store** the `tokens` securely (in session or a database). 3. **Store** the `tokens` securely in session (front) or a database (back)
4. **Refresh** the `access_token` if it expires. 4. **Refresh** the `access_token` if it expires
<br><br><br> <br><br><br>
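Review bot: the new wording of Backend step 3, "Store the `tokens` securely in session (front) or a database (back)", undercuts the point of this section: the whole reason the frontend hands the `code` to the backend (Frontend step 3, Backend step 1) is that the `access_token` and `refresh token` never reach the browser, so suggesting "(front)" session storage under the **Backend** heading sends tokens back to the frontend. Keep the old wording "(in session or a database)" or state explicitly that both are server-side. Backend step 2 has a duplicated word, "fetch user profile data from from `googleapis.com/oauth2`". The heading "OAuth2 Frontend/`Backend Flow" carries a stray backtick (already present before this change, but the line is touched here), and the new column drops the trailing period from Backend steps 2-4 while the Frontend steps keep it; pick one style for the list.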