Google Smart Lock vs Credential Management API
I want to implement a frictionless sign-in process for my web app.
After some searching, I have found that there are two solutions available:
- Google Smart Lock
- Credential Management API
My question is, what is the difference between the two APIs (if any) and what are the possible use cases for both of these.
From what I have understood, both allow us to save account-related info. But the advantage with Smart Lock is that saved credentials can be used in corresponding Android apps as well.
Thanks!
Note: I intend to support login from multiple sources (Google, Facebook, LinkedIn, etc.), not just Google.
TL;DR the one-tap sign-up / auto sign-in library includes Credential Management. You should probably just use the library: https://developers.google.com/identity/one-tap/web/get-started
Details
The JavaScript library supports account creation with Google Accounts (via a streamlined inline UX that can be shown on content pages instead of the user having to navigate to a traditional button-based UX and figure out which button/option to pick and interact with pop-up/redirect).
And for returning users, the library allows you to programmatically retrieve on page load both tokens for existing one-tap / traditional Google Sign-In users as well as passwords via the Credential Management API in browsers that support it. You can do this with code such as the following:
    const retrievePromise = googleyolo.retrieve({
      supportedAuthMethods: [
        "https://accounts.google.com",
        "googleyolo://id-and-password"
      ],
      supportedIdTokenProviders: [
        {
          uri: "https://accounts.google.com",
          clientId: "YOUR_GOOGLE_CLIENT_ID"
        }
      ]
    });
    retrievePromise.then((credential) => {
      if (credential.password) {
        // An ID (usually email address) and password credential was retrieved.
        // Sign in to your backend using the password.
        signInWithEmailAndPassword(credential.id, credential.password);
      } else {
        // A Google Account is retrieved. Since Google supports ID token responses,
        // you can use the token to sign in instead of initiating the Google sign-in
        // flow.
        useGoogleIdTokenForAuth(credential.idToken);
      }
    });
See the documentation for details. The library does not currently support non-Google/password forms of identity; you'd have to implement the sign-in flow with the other mentioned identity providers' SDKs yourself at the moment.
Also note that any sign-ins associated with a Google Account (OAuth token-based or stored and sync'ed password) will be available across Android and Chrome (and the rest of the for token-based accounts).
Please leave comments for any follow up questions.
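The `useGoogleIdTokenForAuth(credential.idToken)` branch above hands the ID token to a backend, which has to validate it before creating a session. The following is an added example, not part of the original answer or of Google's library: a Node.js check of signature, issuer, audience and expiry. The names `verifyGoogleIdToken`, `makeSampleToken` and `keysByKid` are hypothetical, and the key map is assumed to be built from Google's published signing keys.

```javascript
const nodeCrypto = require("node:crypto");

const GOOGLE_ISSUERS = ["accounts.google.com", "https://accounts.google.com"];
const decodePart = (part) => JSON.parse(Buffer.from(part, "base64url").toString("utf8"));

// keysByKid: map of key id -> RSA public key (PEM string or KeyObject). Assumption: the
// caller builds and caches this map from the provider's published signing keys.
function verifyGoogleIdToken(idToken, clientId, keysByKid, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(idToken).split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = decodePart(h);
  // Pin the algorithm; never let the token select "none" or an HMAC variant.
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  // Own-property lookup so a kid such as "constructor" cannot resolve to a prototype member.
  const key = Object.prototype.hasOwnProperty.call(keysByKid, header.kid) ? keysByKid[header.kid] : null;
  if (!key) throw new Error("unknown signing key");
  const ok = nodeCrypto.verify("RSA-SHA256", Buffer.from(`${h}.${p}`), key, Buffer.from(s, "base64url"));
  if (!ok) throw new Error("bad signature");
  const claims = decodePart(p);
  if (!GOOGLE_ISSUERS.includes(claims.iss)) throw new Error("wrong issuer");
  // aud must be this app's client ID, otherwise a token issued to another site is accepted.
  if (claims.aud !== clientId) throw new Error("wrong audience");
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) throw new Error("expired");
  return claims; // key the local account on claims.sub, the stable account identifier
}

// Constructed sample data so the example runs offline: a locally generated RSA key stands
// in for the provider's signing key, and the claims are made up.
function makeSampleToken(privateKey, kid, claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
  const signingInput = `${enc({ alg: "RS256", kid, typ: "JWT" })}.${enc(claims)}`;
  const sig = nodeCrypto.sign("RSA-SHA256", Buffer.from(signingInput), privateKey);
  return `${signingInput}.${sig.toString("base64url")}`;
}

// Demo with constructed values.
const demo = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const demoToken = makeSampleToken(demo.privateKey, "demo-kid", {
  iss: "https://accounts.google.com", aud: "YOUR_GOOGLE_CLIENT_ID",
  sub: "constructed-sub-123", exp: Math.floor(Date.now() / 1000) + 600
});
console.log(verifyGoogleIdToken(demoToken, "YOUR_GOOGLE_CLIENT_ID", { "demo-kid": demo.publicKey }).sub);
```

The password branch needs no equivalent step: `signInWithEmailAndPassword` sends the credential to the same backend check as a typed-in password.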