Does Google OAuth2.0 support OAuth flow for resource credential password credential stream?

Hello, good people on the Internet.

Does Google OAuth2.0 support OAuth flow for resource credential password credential stream? ... and if so, then:

A.) Can this type of OAuth stream be tested on the Google OAuth2 Playground?

B.) are there any examples of “Resource owner account Resources” with Google OAuth2.0 and the Google API?

In a recent OAuth presentation in Oslo NDC 2013, this subject stream seems to completely skip the authorization endpoint and speak directly to the OAuth2 server token endpoint. The query syntax request is supposed to look something like this:

grant_type=password& scope=resource& user_name=owner& password=password& 

My understanding is the password of the credentials of the resource owner for trusted applications in the built-in types of the corporate type (where a pair of names and passwords can be safely stored).

In this particular OAuth stream, no end-user interaction is required (without the Accept browser popup, then get the returned authorization code, etc.). The access and update token is returned in this subject stream, again: without interacting with the end user (although after entering the user password).

Looking through the Google OAuth documentation ( link to the Google OAuth2 docs ), it doesn't seem to mention anything like Resource Password Credential Flow, but is not sure what it means that it is clearly not supported by Google.

Any help or advice would be greatly appreciated.

early

+4
source share
2 answers

As far as I know, there is no OAuth 2.0 data for Google accounts for which Google authenticates.

+4
source

Dear kind internet man,

It’s true that the resource of the resource owner’s account is not supported by Google, but Google suggests using the installed applications stream, which is described in: https://developers.google.com/accounts/docs/OAuth2InstalledApp .

You will need to create the Installed application in the Google Console ( https://code.google.com/apis/console ), when you do this, you can get the client_id and create a GET request with parameters that will look like this:

 https://accounts.google.com/o/oauth2/auth\? scope\=<scope>\& redirect_uri\=urn:ietf:wg:oauth:2.0:oob\& response_type\=code\& client_id\=<client_id fetched from google console> 

You will create this URL and go to it in your browser, allow access to the application, and google will give you what I think is a code that you can use to obtain credentials. You can use these credentials to get an access token and update it, and these credentials are permanent. There's a good example of this on github . Please note that you only need to get these credentials manually once, and then save these credentials somewhere and continue to use them to receive / update tokens.

Hope this helps!

+7
source

Source: https://habr.com/ru/post/1500771/


All Articles