robert_n, 2016-02-01 16:36:35

How to make authorization in the application through Google+?

Hello!
Now I am developing an application for Android and I want to enable users to log in / register by email and through social networks (Google+, VK, Facebook, etc). I did authorization by email, everything works, but there were difficulties with authorization through social networks, such as Google+. Please answer any questions!

  1. What should be the table structure for storing user information? Now I have created the following structure:
    Table 'Users'         Table 'Social Account'
    _________________     ___________________
    | id_user       |     | id              |
    | email         |     | id_user         |
    | hash_password |     | name_network    |
    | token         |     | id_user_network |

    Is it correct? And is it worth creating a separate "Provider" table to store information about social networks (e.g. name, address, etc.)?
  2. What is the general scheme of actions for authorization through Google+? Do I understand correctly:
    - 1 - The user clicks the "Sign in with Google+" button
    - 2 - Gives permission to use his data
    - 3 - We make a request to receive a token
    - 4 - If the token has arrived, then we call the authorization function on the server and pass it our token
    - 5 - We make a request to get information about the user using this token
    - 6 - If everything is OK, then we get the information and check the user
    - 7 - First, we look for the user in the "Social Account" table by the "id_user_network" field
    - 8 - If we find, then authorize
    - 9 - If not, then we are looking for a user by email in the "Users" table
    - 10 - If we find it, then create a record in the "Social Account" table and authorize the user
    - 11 - If the user with this email is not found, then he logged in for the first time and then add data to the "Users" and "Social Account" tables
  3. How to check the token on the server?
    Now I have learned how to get a token on the client side:
    ...
     GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestIdToken(getString(R.string.server_client_id))
            .build();
    ...
    
    GoogleSignInResult result = Auth.GoogleSignInApi.getSignInResultFromIntent(data);
    if (result.isSuccess()) {
        GoogleSignInAccount acct = result.getSignInAccount();
        String idToken = acct.getIdToken();
        mIdTokenTextView.setText("ID Token: " + idToken);
        // Here the received token needs to be sent to the server and the token verification function called
    } else {
        mIdTokenTextView.setText("ID Token: null");
    }

    There are no problems with sending the token, but how can I check it on the server? Can you show an example or give a link to an article?

For now I will limit myself to these questions) Thank you in advance for your interest and your answers.

2 answer(s)
Philipp, 2016-02-01
@zoonman

The action plan is correct.
As for checking tokens, go to the official website and read
https://developers.google.com/identity/sign-in/web...
https://developers.google.com/api-client-library/p
... Google has a ready SDK, you just need to connect it.

Roman Vasilenko, 2016-02-11
@farewell

A call that returns information about the user:
Should return HTTP 200 OK and JSON with a list of fields.

{
  "aud": GOOGLE_CLIENT_ID,
  "sub": GOOGLE_USER_ID,
  ... some other fields ..
}

We check if aud matches our GOOGLE_CLIENT_ID and if so, use the sub value to identify the user.
GOOGLE_CLIENT_ID is an identifier ending with ".apps.googleusercontent.com" that can be obtained from the Google API Console (Create a Web Application)
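
An added example, not part of either answer and not Google's SDK code: the server-side check of the returned fields (aud, then sub) followed by steps 7-11 of the question against the two tables. Assumptions: `claims` is the JSON the verification call returned for the ID token; the `iss`, `exp` and `email_verified` checks, the snake_case table names and the placeholder client id are additions made here.

```python
import sqlite3
import time

GOOGLE_CLIENT_ID = "1234567890-example.apps.googleusercontent.com"  # constructed placeholder
GOOGLE_ISSUERS = {"accounts.google.com", "https://accounts.google.com"}

def check_claims(claims, now=None):
    """Return the Google user id (sub) if the token was issued to this app, else raise."""
    now = time.time() if now is None else now
    if claims.get("aud") != GOOGLE_CLIENT_ID:
        raise ValueError("aud mismatch: token was issued for another client")
    if claims.get("iss") not in GOOGLE_ISSUERS:
        raise ValueError("unexpected issuer")
    if float(claims.get("exp", 0)) <= now:       # tokeninfo returns exp as a string
        raise ValueError("token expired")
    if not claims.get("sub"):
        raise ValueError("missing sub")
    return claims["sub"]

def sign_in(db, claims, now=None):
    """Steps 7-11: return id_user for a checked token, creating rows when needed."""
    sub = check_claims(claims, now)
    row = db.execute("SELECT id_user FROM social_account WHERE name_network = 'google'"
                     " AND id_user_network = ?", (sub,)).fetchone()
    if row:
        return row[0]                            # step 8: known social account
    email = claims.get("email")
    verified = str(claims.get("email_verified", "")).lower() == "true"
    row = None
    if email and verified:                       # step 9: link only on a verified email
        row = db.execute("SELECT id_user FROM users WHERE email = ?", (email,)).fetchone()
    if row is None:                              # step 11: first login, new user
        new_email = email if verified else None
        row = (db.execute("INSERT INTO users(email) VALUES (?)", (new_email,)).lastrowid,)
    db.execute("INSERT INTO social_account(id_user, name_network, id_user_network)"
               " VALUES (?, 'google', ?)", (row[0], sub))
    db.commit()
    return row[0]

def make_db():
    """In-memory copy of the question's schema; sub is unique per provider."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users(id_user INTEGER PRIMARY KEY, email TEXT UNIQUE,
                           hash_password TEXT, token TEXT);
        CREATE TABLE social_account(id INTEGER PRIMARY KEY,
            id_user INTEGER NOT NULL REFERENCES users(id_user),
            name_network TEXT NOT NULL, id_user_network TEXT NOT NULL,
            UNIQUE(name_network, id_user_network));
    """)
    return db
```

Without the `email_verified` condition in step 9, a token carrying an unconfirmed address would be attached to an existing password account with the same email.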
