在 android 上使用 google id 令牌
working with google id token on android
我可以通过 GoogleSignInAccount.getIdToken() 收到 google id 令牌,因此我对如何处理它没有什么疑问
- 令牌大约 1kb string.I 无法通过每个服务器发送它 request.So 如何在服务器端验证它的正确方法是什么?
- 我看不到刷新 ID 的方法 token.Does 这在 GoogleSignInAccount 中自动发生 class?
- google方面的令牌验证是否有任何限制(配额)?
1.To 不使服务器过载我们决定生成具有相同过期时间(1 小时)的内部(短)访问令牌
2.Token刷新可以通过再次调用登录函数实现:
private void loginGoogle(){
//context is Activity
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(context.getString(R.string.default_web_client_id)).requestEmail()
.build();
if (googleApiClient!=null) {
googleApiClient.stopAutoManage((FragmentActivity) context);
googleApiClient.disconnect();
}
googleApiClient = new GoogleApiClient.Builder(context)
.enableAutoManage((FragmentActivity) context, new GoogleApiClient.OnConnectionFailedListener() {
@Override
public void onConnectionFailed(@NonNull ConnectionResult connectionResult) {
Log.d("auth", "connection failed");
}
})
.addApi(Auth.GOOGLE_SIGN_IN_API, gso)
.build();
//
OptionalPendingResult<GoogleSignInResult> opr =
Auth.GoogleSignInApi.silentSignIn(googleApiClient);
if (opr.isDone()) {
GoogleSignInResult r = opr.get();
Log.d("auth", "google silent signin sync");
fillGoogleProfile(r.getSignInAccount());
} else {
opr.setResultCallback(new ResultCallback<GoogleSignInResult>() {
@Override
public void onResult(@NonNull GoogleSignInResult result) {
Log.d("auth", "google silent signin async");
if (result.getSignInAccount()==null) {
Intent signInIntent = Auth.GoogleSignInApi.getSignInIntent(googleApiClient);
//catch result in the onActivityResult
context.startActivityForResult(signInIntent, RC_SIGN_IN);
return;
}
fillGoogleProfile(result.getSignInAccount());
}
});
}
}
3.Still 没有找到答案
我可以通过 GoogleSignInAccount.getIdToken() 收到 google id 令牌,因此我对如何处理它没有什么疑问
- 令牌大约 1kb string.I 无法通过每个服务器发送它 request.So 如何在服务器端验证它的正确方法是什么?
- 我看不到刷新 ID 的方法 token.Does 这在 GoogleSignInAccount 中自动发生 class?
- google方面的令牌验证是否有任何限制(配额)?
1.To 不使服务器过载我们决定生成具有相同过期时间(1 小时)的内部(短)访问令牌
2.Token刷新可以通过再次调用登录函数实现:
private void loginGoogle(){
//context is Activity
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(context.getString(R.string.default_web_client_id)).requestEmail()
.build();
if (googleApiClient!=null) {
googleApiClient.stopAutoManage((FragmentActivity) context);
googleApiClient.disconnect();
}
googleApiClient = new GoogleApiClient.Builder(context)
.enableAutoManage((FragmentActivity) context, new GoogleApiClient.OnConnectionFailedListener() {
@Override
public void onConnectionFailed(@NonNull ConnectionResult connectionResult) {
Log.d("auth", "connection failed");
}
})
.addApi(Auth.GOOGLE_SIGN_IN_API, gso)
.build();
//
OptionalPendingResult<GoogleSignInResult> opr =
Auth.GoogleSignInApi.silentSignIn(googleApiClient);
if (opr.isDone()) {
GoogleSignInResult r = opr.get();
Log.d("auth", "google silent signin sync");
fillGoogleProfile(r.getSignInAccount());
} else {
opr.setResultCallback(new ResultCallback<GoogleSignInResult>() {
@Override
public void onResult(@NonNull GoogleSignInResult result) {
Log.d("auth", "google silent signin async");
if (result.getSignInAccount()==null) {
Intent signInIntent = Auth.GoogleSignInApi.getSignInIntent(googleApiClient);
//catch result in the onActivityResult
context.startActivityForResult(signInIntent, RC_SIGN_IN);
return;
}
fillGoogleProfile(result.getSignInAccount());
}
});
}
}
3.Still 没有找到答案