How does Google OAuth authorization work in web applications?

D

dicem2019-09-28 23:48:00

Google

dicem, 2019-09-28 23:48:00

Hello, I watched a lesson on integrating Google Sign In into a react web application, looked through the documentation a bit.
Now the question arose. What exactly does the client receive when authorizing through Google Sign In? How do applications implement data synchronization with Google OAuth and their own data in the database?
For example. If I have 2 authorization options on the site: Through my own authorization form and through GooGle Sign In. How to implement authorization in the first case is our business, but when a person clicks on Google Sign In, what happens? That is, I am provided with Google user data and I have to check it myself for the presence in the database and either authorize the user or register?
How to work with this?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Daria Motorina, 2019-09-29
@dicem

Try to delve into the description of oauth (in google sign in like oauth 2.0 ) - the canonical doc is here (the basics are covered in sections 1.1-1.5) in order to understand where the implementation of oauth itself is, and where the specifics of the implementation. An example of an article in Russian for simplicity.
In theory, if after successful authorization you received an access token, then you need to store it in the database on your side and make requests to update information about the user using the Google api yourself.