Google OAuth automatic login

12,230

Solution 1

https://developers.google.com/accounts/docs/OAuth2Login describes just how to achieve sign-in using Google OAuth2.

Solution 2

When the user clicks on the sign-in button for the first time and enters the login details, OAuth returns all user data, including the email and the Google ID. So you can store the Google ID in the database together with the email. Also, when the user logs out and again clicks on the sign-in button, OAuth retrieves the data again. So you can check the Google ID retrieved by OAuth against the Google IDs present in your DB.
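As an added example (not code from the answer above or from Google's library), here is what the "store the Google ID with the email and match on it later" step looks like in Python. It assumes the Google client library has already verified the ID token's signature and handed back its claims; the claims dict, the client ID and the `sub` value below are constructed sample data. The stable account identifier Google exposes is the `sub` claim, so the lookup is keyed on it rather than on the email, which a user can change.

```python
# Added example: linking a Google sign-in to a local user record by the
# stable Google account ID ('sub'), not by email. The claims below are a
# constructed stand-in for an already signature-verified Google ID token.
import time

# Constructed sample of decoded ID-token claims (hypothetical client ID and sub).
SAMPLE_CLAIMS = {
    "iss": "https://accounts.google.com",
    "aud": "example-client-id.apps.googleusercontent.com",   # hypothetical
    "sub": "110169484474386276334",                           # constructed
    "email": "alice@example.com",
    "email_verified": True,
    "exp": int(time.time()) + 3600,
}


class UserStore:
    """Minimal in-memory stand-in for the application's user table."""

    def __init__(self):
        self._by_google_id = {}   # google 'sub' -> user record
        self._next_id = 1

    def find_by_google_id(self, google_id):
        return self._by_google_id.get(google_id)

    def create(self, google_id, email):
        user = {"id": self._next_id, "google_id": google_id, "email": email}
        self._next_id += 1
        self._by_google_id[google_id] = user
        return user


def validate_claims(claims, expected_aud, now=None):
    """Reject claims from the wrong issuer, for another client, or expired."""
    now = time.time() if now is None else now
    if claims.get("iss") not in ("https://accounts.google.com", "accounts.google.com"):
        raise ValueError("unexpected issuer")
    if claims.get("aud") != expected_aud:
        raise ValueError("token not issued for this client")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if not claims.get("sub"):
        raise ValueError("missing subject")
    return claims


def sign_in(store, claims, expected_aud, now=None):
    """First sign-in creates the user; later sign-ins match on the stable 'sub'.

    Returns (user, created) so the caller can tell the two cases apart.
    """
    claims = validate_claims(claims, expected_aud, now)
    user = store.find_by_google_id(claims["sub"])
    if user is not None:
        # The email may change on Google's side: keep the local copy current,
        # but never use it as the lookup key.
        user["email"] = claims.get("email", user["email"])
        return user, False
    if not claims.get("email_verified", False):
        raise ValueError("refusing to create an account from an unverified email")
    return store.create(claims["sub"], claims["email"]), True


if __name__ == "__main__":
    store = UserStore()
    aud = SAMPLE_CLAIMS["aud"]
    user, created = sign_in(store, SAMPLE_CLAIMS, aud)
    print("first sign-in created user:", created, user)
    user2, created2 = sign_in(store, SAMPLE_CLAIMS, aud)
    print("second sign-in matched existing user:", user2["id"] == user["id"])
```

On the second call `sign_in` finds the existing record by `sub` and returns it without creating anything, which is exactly the "check the retrieved Google ID against the IDs in your DB" step; the email update branch shows why the email itself is a poor key.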

Solution 3

What you need to do is to set up a persistent cookie with a unique ID and create an entry in your database that associates that ID with the logged-in user.

Obviously, the first time the user logs in to your site using OAuth, you need to create the record of the user in your database.

You also need to redirect to the right Google OAuth endpoint to retrieve a token for offline users, or else the token will expire after a while and cannot be renewed automatically.

I have written an article precisely on this: getting Google OAuth tokens for offline usage and keeping them valid and renewable for as long as you want. The article is about a class that I wrote with all the code to do that, including storing tokens in a database.
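As an added example (not the answer's own class or code), here is one way to implement the persistent cookie the answer describes, in Python. The cookie carries a random opaque token, and the database row that associates it with the user stores only a hash of the secret part, so a leaked table does not hand out working cookies. The cookie name, lifetime and in-memory store are assumptions for the example.

```python
# Added example: a persistent login cookie tied to a user record.
# The cookie value is "selector:validator"; the selector is the lookup key,
# the validator is the secret and is stored server-side only as a hash.
import hashlib
import hmac
import secrets
import time

COOKIE_NAME = "remember_me"          # hypothetical cookie name
COOKIE_LIFETIME = 30 * 24 * 3600     # 30 days, chosen for this example


class PersistentLoginStore:
    """In-memory stand-in for a 'persistent_logins' table: selector -> row."""

    def __init__(self):
        self._rows = {}

    def insert(self, selector, validator_hash, user_id, expires_at):
        self._rows[selector] = {"validator_hash": validator_hash,
                                "user_id": user_id, "expires_at": expires_at}

    def get(self, selector):
        return self._rows.get(selector)

    def delete(self, selector):
        self._rows.pop(selector, None)


def _hash(validator):
    return hashlib.sha256(validator.encode()).hexdigest()


def issue_cookie(store, user_id, now=None):
    """Create a persistent login for user_id and return the cookie value."""
    now = time.time() if now is None else now
    selector = secrets.token_urlsafe(12)
    validator = secrets.token_urlsafe(32)
    store.insert(selector, _hash(validator), user_id, now + COOKIE_LIFETIME)
    return f"{selector}:{validator}"


def resolve_cookie(store, cookie_value, now=None):
    """Return the user_id for a valid cookie, or None if absent/expired/tampered."""
    now = time.time() if now is None else now
    if not cookie_value or ":" not in cookie_value:
        return None
    selector, validator = cookie_value.split(":", 1)
    row = store.get(selector)
    if row is None:
        return None
    if row["expires_at"] <= now:
        store.delete(selector)
        return None
    # Constant-time comparison so response timing does not leak the validator.
    if not hmac.compare_digest(row["validator_hash"], _hash(validator)):
        # A wrong validator for a known selector means the cookie was altered or
        # copied; revoke that login so the genuine token stops working too.
        store.delete(selector)
        return None
    return row["user_id"]


def cookie_headers(cookie_value):
    """Set-Cookie value a browser should receive with the token."""
    return (f"{COOKIE_NAME}={cookie_value}; Max-Age={COOKIE_LIFETIME}; "
            "Path=/; HttpOnly; Secure; SameSite=Lax")


if __name__ == "__main__":
    store = PersistentLoginStore()
    value = issue_cookie(store, user_id=42)
    print(cookie_headers(value))
    print("resolves to user:", resolve_cookie(store, value))
```

The `user_id` stored in the row is the local record created on the first OAuth login; `resolve_cookie` on a later visit is what lets the site know which user (and therefore which stored token) it is dealing with before any new round trip to Google.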

Author: Michael Laffargue

http://michael.laffargue.fr

Updated on July 20, 2022

Comments

  • Michael Laffargue, almost 2 years

    I have some questions about the OAuth 2.0 process. I would like to achieve something like Stack's "log in with Google account" feature.

    I'm using the PHP library from Google.

    I'm OK retrieving the refresh token and the access token.

    So far so good. My question is: when the user logs out from my website and clicks the button again, how am I supposed to know who the user is, to retrieve the right refresh token from the DB?

    I thought about keeping the email in a cookie, but StackOverflow doesn't seem to do that: I cleared my cookies, but Stack keeps connecting me when I click the button, without showing the "Application scope authorization" Google page again.

    Am I missing something? Is there an API allowing me to get the user's email without a token? Maybe the refresh token should only be used with mobile apps, where you know the user?

    What I want to achieve is relatively simple: the user clicks sign-in, and the first time one has to approve the application. Once that's done, I would like to automatically connect the user when the sign-in button is clicked.

    Thanks for any information on that.

  • Michael Laffargue, over 10 years
    Well, yeah, I already read a lot of docs, this one included. I'll take a second look; thanks for pointing it out.
  • Michael Laffargue, over 10 years
    I'll give you the bounty since you're the first who answered, and I'm not really convinced by the other answers either. From all my reading, the answer I was waiting for is: "You don't really need the refresh token for a website unless you need data from the user while they are not logged on to your website."
  • breno, over 10 years
    Didn't notice your response in my inbox for a while. It is true that you don't need a refresh_token. As long as the user is signed in to Google, you only need to periodically refresh the access_token using an invisible iframe. Using response_type=token instead of code will return access_tokens in the URL fragment, and you can reliably perform this operation in the background by attaching display=none in the URL. The easiest way to make this work is to use the G+ Sign-In widget. It works for all Google / Google Apps users, even those without Google+ accounts. See developers.google.com/+