Google client API - limit oauth authentication to

2019-07-29 10:11发布

站内问答 / 前沿技术
1154 2 4

Has anyone had any experience of using the Google Client API to authorise against their domain by restricting the domain a user can login with?

The titbit that is required appears to be a qs parameter: hd='[Domain name]'

but there's nothing similar in the OAuth2Parameters parameters object

var oap = new OAuth2Parameters
{
        AccessToken = Current == null ? null : Current.AccessToken,
        RefreshToken = Current == null ? null : Current.RefreshToken,
        ClientId = GoogleClientId,
        ClientSecret = GoogleClientSecret,
        Scope = "https://spreadsheets.google.com/feeds https://docs.google.com/feeds https://www.googleapis.com/auth/userinfo.email",
        RedirectUri = HttpContext.Current.Request.Url.Scheme.Concatenate("://", HttpContext.Current.Request.Url.Authority,                                                                             "/Builder/Authentication/Receive"),
        AccessType = "offline" //ensures a refresh token (tho not currently working),
        *HD = //Hmm if only... :(((*

    };
var authorizationUrl = OAuthUtil.CreateOAuth2AuthorizationUrl(oap);

return Redirect(authorizationUrl);

2条回答
家丑人穷心不美
2楼-- · 2019-07-29 10:27

so,in fact, all we need is to adjust the url thus:

var authorizationUrl = OAuthUtil.CreateOAuth2AuthorizationUrl(oap);
authorizationUrl += "&hd=" + "mydomain.com".UrlEncode();
return Redirect(authorizationUrl);

Hope that helps someone down the line.

查看更多
0人赞 添加讨论(0) 举报
我命由我不由天
3楼-- · 2019-07-29 10:36

Use hd parameter.

Google documentation

Warning: This tag is documented in OAuth 1.0 API Reference. In version 2 is not documented but works.

Important: OAuth 1.0 has been officially deprecated as of April 20, 2012. It will continue to work as per our deprecation policy, but we encourage you to migrate to OAuth 2.0 as soon as possible.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)