Validating OAuth2 token obtained on Android device via Google Identity Toolkit (GitkitClient) on 3rd-party backend (custom python backend, non-gae)?

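How do I do this on a 3rd-party backend (custom Python backend, non-GAE)?

I can obtain a token on Android by using GitkitClient.

But how can my non-Google-App-Engine (Python) backend verify that this token is valid (issued by Google)?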

You can use the Google Identity Toolkit Python client library to verify the token: https://github.com/google/identity-toolkit-python-client

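```python
from identitytoolkit import gitkitclient

# Read the service account private key (.p12 file).
p12_file = 'YOUR_SERVICE_ACCOUNT_PRIVATE_KEY_FILE.p12'
with open(p12_file, 'rb') as f:  # file() exists only in Python 2
    key = f.read()

gitkit_instance = gitkitclient.GitkitClient(
  client_id='YOUR_WEB_APPLICATION_CLIENT_ID_AT_GOOGLE_DEVELOPER_CONSOLE',
  service_account_email='YOUR_SERVICE_ACCOUNT_EMAIL@developer.gserviceaccount.com',
  service_account_key=key,
  widget_url='URL_ON_YOUR_SERVER_TO_HOST_GITKIT_WIDGET')

# `request` is the web framework's request object; the token is read from the 'gtoken' cookie.
# Check the result before trusting it: only a returned user means the token was accepted.
user = gitkit_instance.VerifyGitkitToken(request.COOKIES['gtoken'])
```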
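
An added example, not part of the original answer or of the library: the snippet above reads the token from a `gtoken` cookie, whereas an Android client has to send the token to the backend itself. This code assumes the app sends it as `Authorization: Bearer <token>` and that the token is a compact JWT; `authenticate`, `extract_bearer_token` and `AuthError` are hypothetical names, and `verify` stands for `gitkit_instance.VerifyGitkitToken`.

```python
"""Fail-closed token check for a backend that receives the Gitkit token
from an Android client in an Authorization header (assumed transport)."""


class AuthError(Exception):
    """Raised for every rejected request; the message is safe to log."""


def extract_bearer_token(headers):
    """Return the token from 'Authorization: Bearer <token>' or raise AuthError.

    `headers` is assumed to be a dict-like mapping of request headers.
    """
    value = headers.get('Authorization', '')
    scheme, _, token = value.partition(' ')
    token = token.strip()
    if scheme.lower() != 'bearer' or not token:
        raise AuthError('missing or malformed Authorization header')
    # Assumption: the token is a compact JWT (three dot-separated segments).
    # Reject anything else, and oversized input, before calling the verifier.
    if token.count('.') != 2 or len(token) > 8192:
        raise AuthError('token is not a compact JWT')
    return token


def authenticate(headers, verify):
    """Return the verified user object; raise AuthError in every other case.

    `verify` is the verification callable, e.g. gitkit_instance.VerifyGitkitToken.
    """
    token = extract_bearer_token(headers)
    try:
        user = verify(token)
    except Exception as exc:
        # A verifier error (bad key, network failure, parse error) must deny access.
        raise AuthError('token verification failed: %s' % type(exc).__name__)
    if user is None:
        # A None result is treated as a rejected token, never as an anonymous user.
        raise AuthError('token rejected')
    return user
```

Take the user identity only from the object `authenticate` returns, never from fields the app sends alongside the token.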