How to login user to a google webpage after successful OAuth 2.0 login?

Question

Google recommends migrating from the deprecated Clientlogin to OAuth 2.0. Let's assume I've got OAuth 2.0 working.

How can I then give the user a link that grants him authorization to one of his google pages without having to enter all login data again? (How to skip the login process?)

With Clientlogin this was possible - you could receive all needed tokens and start a TokenAuth. This was tricky because it wasn't documented, but worked.

How can I do this with OAuth 2.0?

Just to make it clear - I'm developing an installed application.

Answer 1

Okay, I've found a way. I'm switching to OAuth2 and in the process hijack the google cookies. OAuth 2 isn't more secure than the older ClientLogin. At one point, the user has to enter his credentials and once authenticated, I gain access to the SID and LSID. With SID and LSID I can go the old way with TokenAuth OR directly merge sessions.

Answer 2

You cannot do that in OAuth 2.

But if you open the link in the default external browser then most likely the user already has an active session. If not, then the user will have to login only once.