douzhi0107 2014-10-27 04:22
浏览 104
已采纳

控制用于在PHP服务器中使用Oauth2和Google Play验证用户请求的流程?

I managed to implement the Google Play Services API in my Cordova app (game). The game now sends the Google Play Services Player ID to my server when a person connects.

I am making a system that validates a user's permissions and sends them some data (an image from my server) if the permissions check out. So, I have the Player ID, but that isn't enough to validate that they are who they say they are.

I don't understand how to use Oauth2 to validate a user is who they say they are.

Stop me when I go off track:

Presumably, I would need a one-time token from them that I could then validate with, eh, "something", and then run a PHP validation function with that token and the "something" to validate that they are who they say they are.

I'm not sure how to request the token without having Google Play Services create an authorization window within my app, or what the code for any of it is. I saw some Oauth 2 things in PHP but they are positively gigantic things. I'm looking for something that can clearly explain how I can validate the user and a couple of lines of code for implementing it.

  • 写回答

1条回答 默认 最新

  • dongping4273 2014-10-27 21:40
    关注

    Ok, I think I figured it out. Basic concept...

    1) User asks for access token for Google Play Services Player API. (requires an authorization dialog)

    2) User sends access token to server.

    3) Server sends access token to Google Play Player API.

    4) If successful, server authenticates user.

    https://developers.google.com/games/services/web/api/players/get

    Edit: The above applies to HTTP only. Unfortunately, as far as I can tell, there is no built-in Android / Google Play mechanism to get an authorization code, only an access token.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?