Difference between revisions of "Google OAuth 2.0"

From NovaOrdis Knowledge Base
Jump to: navigation, search
(Authorization Code Grant Type)
(Authorization Code Grant Type)
Line 15: Line 15:
 
This returns the JS code that starts the "IDP Frame".
 
This returns the JS code that starts the "IDP Frame".
  
  GET  /o/oauth2/iframerpc?action=checkOrigin&origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com
+
  GET  /o/oauth2/iframerpc?action=checkOrigin&
 +
  origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&
 +
  client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com
  
 
client_id value is hardcoded in the client application (js/gutil.js).
 
client_id value is hardcoded in the client application (js/gutil.js).
Line 39: Line 41:
 
If the client is deemed valid:
 
If the client is deemed valid:
  
  GET /o/oauth2/iframerpc?action=listSessions&client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com&origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&scope=openid%20profile%20email&ss_domain=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com
+
  GET /o/oauth2/iframerpc?action=listSessions&
 +
  client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com&
 +
  origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&
 +
  scope=openid%20profile%20email&ss_domain=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com
  
 
At this point we get "Sign in with Google" and the browser waits.
 
At this point we get "Sign in with Google" and the browser waits.

Revision as of 00:17, 17 May 2019

Internal

Overview

Call Sequences

Authorization Code Grant Type

Experimental:

GET /o/oauth2/iframe

This returns the JS code that starts the "IDP Frame".

GET  /o/oauth2/iframerpc?action=checkOrigin&
 origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&
 client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com

client_id value is hardcoded in the client application (js/gutil.js).

Response:

:status: 200
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 16 May 2019 22:30:28 GMT
date: Thu, 16 May 2019 21:30:28 GMT
cache-control: public, max-age=3600
content-language: en-US
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

{"valid":true}

If the client is deemed valid:

GET /o/oauth2/iframerpc?action=listSessions&
 client_id=7777777777777-a7a7a7a7a7a7a7a7a7a7a7a7a7a7a7a.apps.googleusercontent.com&
 origin=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com&
 scope=openid%20profile%20email&ss_domain=http%3A%2F%2Ftestclient.novaordis.s3.amazonaws.com

At this point we get "Sign in with Google" and the browser waits.