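Because the front end is a React app, the basic flow is as follows:
the front end uses the FB/Google SDK to obtain an access token,
the server exposes a RESTful API that verifies the access token,
and once verification succeeds the OAuth user information can be retrieved.
What remains is the logic for linking the user data on our own server to the social account.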
node.js packages
https://github.com/jaredhanson/passport-facebook
https://github.com/jaredhanson/passport-facebook-token
https://github.com/jaredhanson/passport-google-oauth2
https://github.com/davidep87/passport-token-google
https://github.com/jmreyes/passport-google-id-token (not used for now)
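Pitfalls encountered
{"message":"passport.initialize() middleware not in use"}
This happens when passport is initialized after the routes; in that order the middleware has no effect.
{"message":"Failed to serialize user into session"}
Set session to false, or define the serializeUser/deserializeUser methods.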
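Verifying the OAuth access token
When Google sign-in is implemented on iOS, GoogleSignIn provides two kinds of access token, so the backend implementation has to pay attention to which kind of token the client is sending.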
// The OAuth2 access token to access Google services.
@property(nonatomic, readonly) NSString *accessToken;
// An OpenID Connect ID token that identifies the user. Send this token to your server to
// authenticate the user there. For more information on this topic, see
// https://developers.google.com/identity/sign-in/ios/backend-auth
@property(nonatomic, readonly) NSString *idToken;
Below are the API references that Google provides.
access_token using the OpenID protocol
https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=YOUR_TOKEN
access_token using OAuth2
https://www.googleapis.com/oauth2/v1/userinfo?access_token=YOUR_TOKEN
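An added example, not code from the original post: a successful tokeninfo lookup only shows that the token is valid, not that it was issued to your own app, so the server should also compare the audience against its own client IDs (web and iOS) before linking an account. The function names, client IDs and sample responses are constructed, and the response field names are assumed to match the v1 tokeninfo endpoint listed above.

```javascript
// Added example. Function names, client IDs and sample responses are constructed.
// Response field names (audience, expires_in, user_id, verified_email) are
// assumed to match the v1 tokeninfo endpoint listed above.
const TOKENINFO_URL = 'https://www.googleapis.com/oauth2/v1/tokeninfo';

// Decide whether a parsed tokeninfo response may be used to log a user in.
function checkTokenInfo(info, allowedClientIds) {
  if (!info || info.error) return { ok: false, reason: 'token rejected' };
  // A valid token issued to some other app must not log anyone in here.
  if (!allowedClientIds.includes(info.audience)) {
    return { ok: false, reason: 'audience mismatch' };
  }
  if (!(Number(info.expires_in) > 0)) return { ok: false, reason: 'token expired' };
  if (!info.user_id) return { ok: false, reason: 'missing user id' };
  // Link accounts on the stable user id; expose the email only if verified.
  const email = info.verified_email === true ? info.email : null;
  return { ok: true, userId: String(info.user_id), email };
}

// Server-side call: ask Google about the token the client sent, then check it.
// fetchImpl defaults to the global fetch (Node 18+).
async function verifyGoogleAccessToken(accessToken, allowedClientIds, fetchImpl = fetch) {
  const url = `${TOKENINFO_URL}?access_token=${encodeURIComponent(accessToken)}`;
  const res = await fetchImpl(url);
  if (!res.ok) return { ok: false, reason: 'token rejected' };
  return checkTokenInfo(await res.json(), allowedClientIds);
}

// Constructed sample data (not real client IDs or users).
const ALLOWED = ['web-client.example', 'ios-client.example'];
const SAMPLE_OK = { audience: 'ios-client.example', user_id: '1234567890',
  expires_in: 3500, email: 'user@example.com', verified_email: true };
const SAMPLE_FOREIGN = { ...SAMPLE_OK, audience: 'other-app.example' };

console.log(checkTokenInfo(SAMPLE_OK, ALLOWED));
console.log(checkTokenInfo(SAMPLE_FOREIGN, ALLOWED));
```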