From cb8b251deafa14d8fb695c2c311bf1f317414a6b Mon Sep 17 00:00:00 2001 From: Ste Vaidis Date: Sun, 15 Dec 2024 12:03:56 +0200 Subject: [PATCH] Update OAuth2.md --- OAuth2.md | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/OAuth2.md b/OAuth2.md index e557f82..2582dd9 100644 --- a/OAuth2.md +++ b/OAuth2.md 
@@ -12,21 +12,20 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr 6. **Access Protected Resources**: Use the `access_token` to fetch the user's Google profile and email from `googleapis.com/oauth2` 7. **Token Refresh** (Optional): If the `access_token` expires, use the `refresh token` to get a new `access_token`. - - ### Summary of Tasks Split Across Frontend and Backend: ***Frontend** -1. Redirect the user to Google's OAuth authorization endpoint. -2. Capture the authorization code after Google redirects back to the frontend. -3. Send the authorization code to the backend for token exchange. +1. **Redirect** the user to Google's OAuth authorization endpoint. +2. **Get** the authorization `code` after Google redirects back to the frontend. +3. **Send** the authorization `code` to the backend for `token` exchange. **Backend** -1. Handle the token exchange (exchange the authorization code for an access token and refresh token). -2. Optionally fetch user profile data from Google (or other resources) using the access token. -3. Store the tokens securely (in session or a database). -4. Provide a way to refresh the access token if it expires. -5. By splitting the OAuth flow this way, the sensitive details (like the client secret and token exchange) remain secure on the backend, while the frontend handles user interaction. +1. **exchange** the authorization `code` for an `access_token` and `refresh token` +2. **fetch** user profile data from Google (or other resources) using the `access_token` +3. **Store** the `tokens` securely (in session or a database). +4. **Refresh** the `access_token` if it expires. + + # 1. [Frontend] Request Authorization code
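Review bot: In the Backend list, the old item 5 ("By splitting the OAuth flow this way, the sensitive details (like the client secret and token exchange) remain secure on the backend, while the frontend handles user interaction.") is deleted with nothing in its place, so the summary no longer says why the `code`-for-token exchange is a backend task. It was wrongly numbered as a step, but it is the security rationale for the whole split; keep it as a plain sentence below the Backend list rather than dropping it. In the same list, new items 1 and 2 start lowercase (`**exchange**`, `**fetch**`) and lack the trailing period that items 3 and 4 carry, item 1 writes `refresh token` with a space beside `access_token`, and item 2 loses the "Optionally" of the old wording, which turns the profile fetch from an optional step into a required one; restore the qualifier if that change is not intended.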