stevaidis/dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update OAuth2.md

Browse Source
This commit is contained in:
Ste Vaidis 2024-12-15 10:32:32 +02:00
parent c99202f6c6
commit 291c9dbcec
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
OAuth2.md
View File

@ -1,11 +1,15 @@
OAuth2 purpose
A way for the `user` to tell `google` to give an access token to `xorismesiti.gr` app
OAuth2 Flow: OAuth2 Flow:
1. **User clicks** "Login with Google" on your platform (xorismesiti.gr). 1. **User clicks** "Login with Google" on your platform `xorismesiti.gr`
2. **Authorization Request**: Redirect to Google's authorization endpoint, requesting the user's profile and email. 2. **Authorization Request**: Redirect to Google's authorization endpoint `accounts.google.com/o/oauth2`, requesting the user's data
3. **User Login and Consent**: User logs in to Google and grants permissions. 3. **User Login and Consent**: User logs in to Google and grants permissions.
4. **Authorization Code Response**: Google redirects back to your platform with an authorization code. 4. **Authorization Code Response**: Google redirects back to your platform `xorismesiti.gr/callback` with an authorization code.
5. **Access Token Request**: Exchange the authorization code for an access token. 5. **Access Token Request**: Exchange the authorization code for an access token.
6. **Access Protected Resources**: Use the access token to fetch the user's Google profile and email. 6. **Access Protected Resources**: Use the access token to fetch the user's Google profile and email from `googleapis.com/oauth2`
7. **Token Refresh** (Optional): If the token expires, use the refresh token to get a new access token. 7. **Token Refresh** (Optional): If the token expires, use the refresh token to get a new access token.
# 1. Authorization Request (User Initiates Login) # 1. Authorization Request (User Initiates Login)