如何从Google登录Javascript SDK获取访问令牌?
我有一个简单的单页javascript webapp,它使用Google Signs In for Websites: https://developers.google.com/identity/sign-in/web/sign-in
I have a simple single-page javascript webapp which uses "Google Sign-In for Websites": https://developers.google.com/identity/sign-in/web/sign-in
如何获取访问令牌用户?我需要在我的服务器上验证用户身份的可验证性。我不想离线访问;我只想知道当Web客户端向我的服务器发送ajax请求时,我可以信任登录用户的身份。
How can I get an access token for the user? I need a verifiable assertion of the user's identity on my server. I don't want offline access; I just want to know that when the web client sends an ajax request to my server, I can trust the identity of the logged-in user.
出于验证目的,最好使用作为auth响应一部分的 id_token ,并且可以在任何点检索:
For verification purposes it would be better to use the id_token which is part of the auth response, and can be retrieved at any point like this:
gapi.auth2.getAuthInstance().currentUser.get().getAuthResponse().id_token
Google API客户端库提供验证id_token的功能,并在服务器端为您提供相关的用户信息:https://developers.google.com/api-client-library/
The Google API Client libraries offer functions to verify the id_token and give you the associated user information on the server side: https://developers.google.com/api-client-library/