Validating OAuth2 token obtained on Android device

2019-07-11 01:49发布

How do I validate an OAuth2 token obtained on an Android device via the Google Identity Toolkit (GitkitClient) on 3rd-party backend (custom python backend, non-gae)?

I'm able to obtain a token on Android via the use of GitkitClient.

But how can my non-google-app-engine (Python) backend verify that this token is valid (from Google)?

标签： validation oauth-2.0 backend google-identity-toolkit

1条回答

smile是对你的礼貌

2楼-- · 2019-07-11 02:18

You could use the Google Identity Toolkit Python client library to verify that token: https://github.com/google/identity-toolkit-python-client.

p12_file = 'YOUR_SERVICE_ACCOUNT_PRIVATE_KEY_FILE.p12'
f = file(p12_file, 'rb')
key = f.read()
f.close()
gitkit_instance = gitkitclient.GitkitClient(
  client_id='YOUR_WEB_APPLICATION_CLIENT_ID_AT_GOOGLE_DEVELOPER_CONSOLE',
  service_account_email='YOUR_SERVICE_ACCOUNT_EMAIL@developer.gserviceaccount.com',
  service_account_key=key,
  widget_url='URL_ON_YOUR_SERVER_TO_HOST_GITKIT_WIDGET')

user = gitkit_instance.VerifyGitkitToken(request.COOKIES['gtoken'])

0人赞添加讨论(0) 举报

Validating OAuth2 token obtained on Android device

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间