Question

I am updating my app to OAuth2 and have a few questions.

Email address is the user id in our application.

  • As explained in the old docs for OpenID association with the user id in our app, we were showing a popup, storing the open_social_id in the database and creating a temp session key. After the user was successfully associated, we were adding the open_social_id next to the user id by looking at the temp session key. This was/is working fine. https://developers.google.com/google-apps/marketplace/best_practices#gadget_sso

But with OAuth2, since we get the email address (from the Contacts scope of the current user who is logged in), I am trying to figure out how to authenticate this at my server. Should I accompany the email address with open_social_id and rely on open_social_id every time in the future? Is this the right way?

Or should I add an OAuth2 proxy at my server to allow access with the right scope?

Thanks.


Solution

You don't have to change too much.

In the old setup, you displayed a popup that passed through OpenID to get the user's identity and e-mail address.

In the new setup, you show a popup that does an OAuth2 dance to get the user's identity and e-mail address.

Because the scopes are pre-authorized, the end user will not see the consent screen and, from an end user's perspective, nothing really changes.
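What the answer leaves implicit is the server-side half of the question: once the popup's OAuth2 dance returns an identity token, the server must validate that token itself before treating the e-mail in it as the application's user id, and it should store the provider's stable subject (`sub`) alongside the e-mail, much like the `open_social_id` in the old setup. The following is an added example, not code from the question, the answer or Google's libraries. It assumes a hypothetical issuer and client id, and signs the demo token with HMAC-SHA256 using a constructed key so it runs offline; real providers (Google included) sign ID tokens with RS256 and publish their public keys at a JWKS URL, which only changes the signature primitive, not the checks.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo values; stand-ins for the provider's signing key and for
# the client id / issuer your app would be configured with (hypothetical).
DEMO_SIGNING_KEY = b"constructed-demo-key-not-for-production"
EXPECTED_AUDIENCE = "example-client-id.apps.example"
EXPECTED_ISSUER = "https://issuer.example"


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_demo_id_token(claims: dict, key: bytes = DEMO_SIGNING_KEY) -> str:
    """Build an HS256-signed JWT. Plays the role of the ID token the provider
    hands back at the end of the popup's OAuth2 dance (constructed for the demo)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        _b64url_encode(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims)
    )
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url_encode(sig)


def verify_id_token(token: str, key: bytes = DEMO_SIGNING_KEY, now=None) -> dict:
    """Server-side validation: signature, pinned algorithm, issuer, audience,
    expiry and email_verified. Raises ValueError on any failure."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, claims_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    # Pin the algorithm; never let the token pick it (e.g. "none").
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{claims_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(claims_b64))
    if claims.get("iss") != EXPECTED_ISSUER:
        raise ValueError("wrong issuer")
    if claims.get("aud") != EXPECTED_AUDIENCE:
        raise ValueError("wrong audience")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    # Only accept the e-mail as a user id if the provider itself vouches for it.
    if not claims.get("email_verified", False):
        raise ValueError("email not verified by provider")
    return claims


def resolve_user(token: str, known_users: set, subject_index: dict, now=None) -> str:
    """Map a verified token to the application's user id (the e-mail, as in the
    question). On first association, record the provider's stable 'sub' next to
    it, the way open_social_id was stored before; later logins match on 'sub'."""
    claims = verify_id_token(token, now=now)
    email, sub = claims["email"], claims["sub"]
    if sub in subject_index:
        return subject_index[sub]
    if email not in known_users:
        raise ValueError("no account for this e-mail")
    subject_index[sub] = email
    return email


if __name__ == "__main__":
    demo_claims = {"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE, "sub": "sub-123",
                   "email": "alice@example.com", "email_verified": True,
                   "exp": int(time.time()) + 600}
    index = {}
    print(resolve_user(make_demo_id_token(demo_claims), {"alice@example.com"}, index))
    print(index)
```

The point of `subject_index` is the same as the old `open_social_id` column: the e-mail identifies the account in the application, but the provider's `sub` is the value that stays stable across e-mail changes, so it is what later logins should match on.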

Licensed under: CC-BY-SA with attribution