From a0614514e8bb3ef0b8d643aa21fb6fb2460336c4 Mon Sep 17 00:00:00 2001
From: Ste Vaidis <ste.vaidis@gmail.com>
Date: Sun, 15 Dec 2024 12:34:19 +0200
Subject: [PATCH] Update OAuth2.md

---
 OAuth2.md | 34 ++++++++++++++++++++++++++++++++--
 1 file changed, 32 insertions(+), 2 deletions(-)

diff --git a/OAuth2.md b/OAuth2.md
index 07405f7..1787491 100644
--- a/OAuth2.md
+++ b/OAuth2.md
@@ -263,8 +263,6 @@ Once the backend exchanges the `code` for the `access_token`,
 
 the frontend can use it to make authenticated requests to the backend or Google APIs
 
-
-
 <details>
 <summary><h3>HTTP Request</h3></summary>
 
@@ -318,12 +316,44 @@ fetch('/api/user-profile', {
 
 </details>
 
+<br><br><br>
+
+
+
 
 
 # 5. [Backend] Fetch User Data
 
 If you want to fetch the user profile data (e.g., from Google), your backend can use the `access_token` to request it from Google’s user info endpoint.
 
+<details>
+<summary><h3>HTTP Request</h3></summary>
+
+```bash
+GET https://www.googleapis.com/oauth2/v3/userinfo
+Authorization: Bearer access-token-from-backend
+```
+</details>
+
+<details>
+<summary><h3>HTTP Request</h3></summary>
+
+```json
+{
+    "sub": "1234567890",
+    "name": "John Doe",
+    "given_name": "John",
+    "family_name": "Doe",
+    "profile": "https://plus.google.com/1234567890",
+    "picture": "https://lh3.googleusercontent.com/a-/AOh14GgIXXl5JXzW0c1Szbl-e1Jch1vhl5rHhH65vlK6J5g5PqkGjj1O0p3t8bgVEOykQ6ykFSQ=s96",
+    "email": "john.doe@example.com",
+    "email_verified": true,
+    "locale": "en"
+}
+```
+
+</details>
+
 <details>
 <summary><h3>Example Backend Code:</h3></summary>