From 1a3afe914dca23a2f4743234d4c4a8d7d9b54ad8 Mon Sep 17 00:00:00 2001 From: Ste Vaidis Date: Tue, 7 Jan 2025 12:35:34 +0200 Subject: [PATCH] Update OAuth2-Backend-Approach.md --- OAuth2-Backend-Approach.md | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/OAuth2-Backend-Approach.md b/OAuth2-Backend-Approach.md index 51cff79..7c6e150 100644 --- a/OAuth2-Backend-Approach.md +++ b/OAuth2-Backend-Approach.md @@ -1,6 +1,6 @@ ### OAuth2 purpose -A way for the `user` to tell `google` to give an access token to `xorismesiti.gr` app +A way for the `user` to tell `google` to give an access to `xorismesiti.gr` app
@@ -8,9 +8,9 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr | When | What | How | |-------|--------------------------|:------------------------------------------------:| -| 1 | Get Code | Front ⇢ Google ⇢ Front | -| 2 | Exchange Code with Token | Front ⇢ Back ⇢ Google ⇢ Back ⇢ Front | -| 4 | Use Token | Front ⇢ Google ⇢ Front | +| 1 | Get Code | Front ⇢ Google ⇢ Front | +| 2 | Exchange Code with Token | Front ⇢ Back ⇢ Google ⇢ Back ⇢ Front | +| 4 | Use Token | Front ⇢ Back ⇢ Google ⇢ Back ⇢ Front |
@@ -27,11 +27,15 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr 1. Frontend **POST** the authorization `code` to the Backend 2. Backend **POST** the authorization `code` to Google 3. Google **response** to Backend with an `access_token` and a `refresh token` - 4. Backend **response** to Frontend with an `access_token` + 4. Backend **response** to Frontend with the `access_token` in a **cookie** 3. Use Token - 1. Frontend **Use** `access_token` to get user data from Google + 1. Frontend **GET** profile data from Backend using the **cookie** + 2. Backend **GET** profile data from Google using the `access_token` from Frontend **cookie** + 3. Google **response** to Backend with profile data + 4. Backend **response** to Frontend with profile data + 5. Frontend render profile data