Update OAuth2-Backend-Approach.md

OAuth2-Backend-Approach.md

@@ -2,7 +2,47 @@
 
 A way for the `user` to tell `google` to give an access token to `xorismesiti.gr` app
 
-<br><br><br>
+<br>
+
+### OAuth2 Frontend/Backend Flow:
+
+|  When | What                     | How                                              |
+|-------|--------------------------|:------------------------------------------------:|
+| 1     | Get Code                 | Front ⇢ Google ⇢ Front                     |  
+| 2     | Exchange Code with Token | Front ⇢ Back ⇢ Google ⇢ Back ⇢ Front |
+| 4     | Use Token                | Front ⇢ Google ⇢ Front                     |
+
+<br>
+
+### OAuth2 Frontend/Backend Flow Details:
+
+1. Get Code
+
+    1. Frontend **Redirect** the user to Google's OAuth authorization endpoint `https://accounts.google.com/o/oauth2`
+    2. User **Login in** to Google and grant permissions
+    3. Google **Redirect** the user back to callback url including the authorization code and a random_state_value `https://xorismesiti.gr/callback?code=ABCD&state=XYZ` 
+
+2. Exchange Code with Token
+
+    1. Frontend **POST** the authorization `code` to the Backend
+    2. Backend **POST** the authorization `code` to Google
+    3. Google **response** to Backend with an `access_token` and a `refresh token`
+    4. Backend **response** to Frontend with an `access_token`
+
+3. Use Token
+
+    1. Frontend **Use** `access_token` to get user data from Google
+
+<br><br>
+
+
+
+
+
+
+
+
+
 
 ### OAuth2 Standar Flow: