Google OAuth 2.0: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 15: Line 15:
This returns the JS code that starts the "IDP Frame".
This returns the JS code that starts the "IDP Frame".


  GET  /o/oauth2/iframerpc?action=checkOrigin&origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com
  GET  /o/oauth2/iframerpc?action=checkOrigin&
  origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&
  client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com


client_id value is hardcoded in the client application (js/gutil.js).
client_id value is hardcoded in the client application (js/gutil.js).
Line 39: Line 41:
If the client is deemed valid:
If the client is deemed valid:


  GET /o/oauth2/iframerpc?action=listSessions&client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com&origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&scope=openid%20profile%20email&ss_domain=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com
  GET /o/oauth2/iframerpc?action=listSessions&
  client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com&
  origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&
  scope=openid%20profile%20email&ss_domain=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com


At this point we get "Sign in with Google" and the browser waits.
At this point we get "Sign in with Google" and the browser waits.

Revision as of 00:17, 17 May 2019

Internal

Overview

Call Sequences

Authorization Code Grant Type

Experimental:

GET /o/oauth2/iframe

This returns the JS code that starts the "IDP Frame".

GET  /o/oauth2/iframerpc?action=checkOrigin&
 origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&
 client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com

client_id value is hardcoded in the client application (js/gutil.js).

Response:

:status: 200
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 16 May 2019 22:30:28 GMT
date: Thu, 16 May 2019 21:30:28 GMT
cache-control: public, max-age=3600
content-language: en-US
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

{"valid":true}

If the client is deemed valid:

GET /o/oauth2/iframerpc?action=listSessions&
 client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com&
 origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&
 scope=openid%20profile%20email&ss_domain=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com

At this point we get "Sign in with Google" and the browser waits.