php - gplus authenticate a client-side user before submitting to my web app -


This is more than a process question question in an error code, please kindly please if I posted to the wrong place.

I have successfully authenticated a jeepless user client-party so that the browser can create a Google ID to use for me. Now I want to post some data on my website as a user ID from that ID but I want to secure it which means that I am not able to post someone on your web app with someone else's Jolly ID I want (it should be authenticated user at that time)

Should I install the PHP Server Sidek SDK and use it? If this is the case, how can I merge client-side data with it?

Thank you

You are absolutely sure about obtaining an ID in a safe way It is difficult to clone it so it is difficult to clone. There are two main options, both properties of authResult object that return to the signed callback:

  1. Send 'code' to the server. It is part of the OAuth 2.0 flow, and can be exchanged on the server side for an access token. With that you can create API calls as a user, and retrieve user IDs and other details. You can be sure who the user is, because only Google could have prepared that code. This would involve using one of the client libraries to handle this token exchange. Use the 'id_token' This is the base 64 encoded blob of JSON that contains the User ID (and the email address if you request the 'Email' field). What makes it secure is that it includes a cryptographic signature, which can verify the server, so it can not be made by someone other than Google ID token is used to get the user ID, and its use Can be used to view the user on the server, but the API does not allow to make calls. The advantage of this is that verification requires only the date certificate which does not change this often, so most calls do not require any network traffic from the server to confirm the user.

    Whatever you use depends on you, but both will need some code on the server. In general, if you call the server to any Google API Do not need to do it, or if you are worried about maximum login performance then use id_token. Here's a bit more information about this type of architecture:

    You can also add both of them. The first time a user signs in (when they see the consent screen) the code exchange will not only return an access token (to call) but will also give a long refresh token, which you store safely in the database can do. If you store it, you can use the id_token to quickly see the user, but still use the fresh token to help with API access.

Comments

Post a Comment

Popular posts from this blog

c - Mpirun hangs when mpi send and recieve is put in a loop -

I was trying to use the program to use mifrewan on 4 node clusters. Distributing node 0 data in nodes 1, 2 and 3. In the program, from '90 'to variable values ​​of' dior 'to be calculated. Therefore the node is distributing data and collecting results in an omitted fashion (for different values ​​of var 'dir') when do {*******} Whereas (dir Loop is given, Mippun is hanging, and no output is found. But when I comment on two {*******} (dir The loop output is obtained for the initial value of variable dir dir = -90 ), and that output is correct. The problem occurs when the loop is given. Can anyone help me in solving this problem. #include "mpi.h" int main (int argc, char * argv []) Float dir = -90; Int rank, nanoprakash; MPI_Status status; MPI_Init (& amp; argc, & argv); MPI_Comm_rank (MPI_COMM_WORLD, & amp; Rank); MPI_Comm_size (MPI_COMM_WORLD, & amp; numprocs); If (rank == 0) {/ / data to begin / / (dest = 1; dest ...
Read more

python - Apply coupon to a customer's subscription based on non-stripe related actions on the site -

I can not find anything in the source about using coupons after subscribing to a user's plan. Is it possible to use a coupon to credit a user's membership after initial subscription? If not, what is the best option? Specifically, I want to give a user 100% coupon for that month, when they take 5 [site specific actions]. This is possible, but may not be the best idea. Coupons are currently applied to the stripe, then apply again at the customer level and each client can have a single coupon. So if you are already offering discounts to the coupon, then the customer who is currently in the present will also give up. It also means that if you are using a recently-added multiple subscription capacity, then all of the user's subscription will be ready for the month. Coupons can be set to "Once", only once (as the only name) can be used by any customer, so if this credit can earn more than once, You will have to maintain a 100% discount coupon continuousl...
Read more

java - Unable to get JDBC connection in Spring application to MySQL -

मैंने स्प्रिंग में डीबी कॉन्फ़िगरेशन का पालन किया है: & lt; bean id = "dataSource" Class = "org.apache.commons.dbcp.BasicDataSource" नष्ट-विधि = "बंद" & gt; & Lt; प्रॉपर्टी नाम = "url" मान = "jdbc: dburl" / & gt; & Lt; संपत्ति नाम = "driverClassName" मान = "com.mysql.jdbc.Driver" / & gt; & Lt; संपत्ति नाम = "उपयोगकर्ता नाम" मान = "उपयोगकर्ता नाम" / & gt; & Lt; संपत्ति नाम = "पासवर्ड" मान = "पासवॉर्फ" / & gt; & Lt; प्रॉपर्टी नाम = "हटाए गए हटाए गए" मान = "सही" / & gt; & Lt; गुण नाम = "प्रारंभिक आकार" मान = "3" / & gt; & Lt; संपत्ति नाम = "अधिकतमअक्टिव" मान = "5" / & gt; & Lt; / सेम ​​& gt; डीबी से गुण मूल्यों को लोड करने के लिए अतिरिक्त कॉन्फ़िगरेशन। & lt; bean id = "config1" class = "org.apache.commons.configuration....
Read more