OAuth 2.0 for Client-side Web
To retrieve Data or Resources of the user, we need to register as a client at the authorization server.
Provide details in order to access User resources in the authorization server.
- Application Name: Name of Application be shown to User
- Redirect URLs: Authorization Code and Access Token are received through that URLs.
- Grant/Authorization Type: Access of Resources Type is controlled by it.
- Origins: Hostname allowed to request for resources via XMLHttpRequest its Optionals.
Steps:
1. Add link to index.html
GoogleAuth.signIn();
and below link to a page where you want a Sign In/Up button.
2. The script required to function an Oauth2.0 as below:
Declaration :
Random strings are generated by the authorization server when the client requests them is known as Token. Example of client_id to access to user content is: 'xxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com' as we use only one token to authenticate the client as previously OAuth1 used to use two for each API calls which is used to generate the signature.
Functions:
Also,
Some of the OAuth use the client password may need a server, which must be kept in a secure place. This problem can be byPass by creating a back-end to do the OAuth server calls for Mobile and Desktop Apps.