Three-legged OAuth flow in a mobile application

I have a 3-legged OAuth flow working on my web application. It goes as follows:

  • The user clicks Connect with Google
  • They accept the OAuth dialog that Google provides
  • The page is redirected to my backend /oauth/google endpoint with a code parameter, which I send to Google to get a refresh_token so that I can access data (for example, calendar information) on their behalf.
  • I redirect back to the web application, passing my own JWT token in the URL.
  • Whenever the web application makes a request, for example to api.mybackend.com/me, it uses the JWT token that I provided

I am trying to do something like this in a mobile application. What is an acceptable way to do this? Is that pretty much the same logic?

If that helps, my backend is Ruby on Rails, and I'm writing a mobile app in Swift.

Thanks!

1 answer

If you are using NSURLSession to make HTTP requests, see this for information on handling redirects.

Google also has ready-made Google Sign-In packages for iOS and Android, which you can include in your application, similar to the one in your web client. I have never used them, so I am not sure exactly how they would integrate in your case.

Alternatively, you can set up an authentication endpoint in your backend that handles all of this, so the app only makes one request to your server and your server handles the exchange with Google. For example, you could have the user send a request to /oauth/mobile. The server then sends an authentication request to Google and receives an access token and a refresh token. Then you can return your own app token from the server. Google has Google Sign-In documentation for server-side applications that may be relevant.

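The server-side variant described in the answer above, as an added example that is not from the original post or the asker's project: a standard-library Ruby sketch of the logic behind the hypothetical /oauth/mobile endpoint (the asker's backend is Rails, but nothing here depends on it). The Google token endpoint URL is real; the client id, client secret, redirect URI, user id and HS256 signing secret are constructed placeholders, and the JWT is signed with OpenSSL directly so the example runs without the jwt gem.

```ruby
require 'net/http'
require 'json'
require 'openssl'
GOOGLE_TOKEN_URL = URI('https://oauth2.googleapis.com/token') # Google's real token endpoint

# Server side of the hypothetical /oauth/mobile endpoint: the app posts the authorization
# code it received from Google and the server redeems it, so the client_secret never ships
# inside the app. http_post is injectable so the exchange can be exercised offline.
def exchange_code(code, client_id:, client_secret:, redirect_uri:,
                  http_post: ->(uri, form) { Net::HTTP.post_form(uri, form).body })
  form = { 'code' => code, 'client_id' => client_id, 'client_secret' => client_secret,
           'redirect_uri' => redirect_uri, 'grant_type' => 'authorization_code' }
  tokens = JSON.parse(http_post.call(GOOGLE_TOKEN_URL, form))
  raise "Google token exchange failed: #{tokens['error']}" unless tokens['refresh_token']
  tokens # access_token, refresh_token, expires_in: store the refresh_token server-side only
end

# Unpadded base64url as JWT requires (standard library only, no jwt gem).
def b64url(s)
  [s].pack('m0').tr('+/', '-_').delete('=')
end
def b64url_decode(s)
  s = s.tr('-_', '+/')
  (s + '=' * (-s.length % 4)).unpack1('m0') # strict decode, raises ArgumentError on junk
end

# Mint the backend's own short-lived HS256 JWT; the mobile app sends it as a bearer token
# to endpoints such as /me, while Google's access and refresh tokens stay on the server.
def issue_app_token(user_id, secret, ttl: 3600, now: Time.now.to_i)
  header  = b64url({ alg: 'HS256', typ: 'JWT' }.to_json)
  payload = b64url({ sub: user_id, iat: now, exp: now + ttl }.to_json)
  input   = "#{header}.#{payload}"
  "#{input}.#{b64url(OpenSSL::HMAC.digest('SHA256', secret, input))}"
end

# Returns the claims of a correctly signed, unexpired token; nil for anything else.
def verify_app_token(token, secret, now: Time.now.to_i)
  header, payload, sig, extra = token.to_s.split('.')
  return nil if sig.nil? || extra
  expected = OpenSSL::HMAC.digest('SHA256', secret, "#{header}.#{payload}")
  return nil unless secure_equal?(expected, b64url_decode(sig))
  claims = JSON.parse(b64url_decode(payload))
  claims['exp'].is_a?(Integer) && claims['exp'] > now ? claims : nil
rescue ArgumentError, JSON::ParserError
  nil # malformed base64 or JSON counts as an invalid token
end

# Constant-time byte comparison so the signature check does not leak timing.
def secure_equal?(a, b)
  a.bytesize == b.bytesize && a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end
```

In a real deployment the refresh token is persisted against the user record and the app token is sent as an Authorization: Bearer header, never in a URL.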

Source: https://habr.com/ru/post/1234882/
