stevaidis/dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update OAuth2-Front-Approach.md

Browse Source
This commit is contained in:
Ste Vaidis 2024-12-16 17:29:49 +02:00
parent 5c3f4f6405
commit 1b6e6e300d
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
OAuth2-Front-Approach.md
View File

@ -174,8 +174,8 @@ export default Callback;
1. The Backend **receives** the authorization `code` form the Frontend POST at `xorismesiti.gr/api/auth/exchange-token`
2. The Backend **POST** the Authorization `code` to Google API
3. The Google **response** to Backend POST with the tokens
4. The Backend **response** to Frontend POST with the the tokens
3. The Google **response** to Backend POST with the `token`
4. The Backend **response** to Frontend POST with the the `token`
*Security: The backend never expose the client_secret to the frontend. This step should always be handled on the backend.*