OAuth 2.0访问Google API for Wordpress插件 [英] OAuth 2.0 to Access Google APIs for Wordpress plugins

问题描述

我有一个WordPress插件，用于显示YouTube数据API版本3的Youtube视频。它不会请求隐私信息，并且只会使用列表方法执行读取操作。

我不知道什么应用程序类型（Web应用程序，服务帐户或已安装的应用程序）我必须在OAuth 2.0中选择要访问Google API以用于Wordpress插件。

我应该在插件中添加我的客户端ID和客户端密钥吗？

什么是最合适的在这种类型的应用程序中使用OAuth的方式？我非常感谢任何指向教程的链接。

我是否应该要求用户在Google API控制台中注册自己的应用程序？

<假设最终用户访问WordPress博客的人希望看到他们自己的视频，并且每个最终用户都必须单独通过审批流程。

不幸的是，这种情况没有理想的解决方案。

这种情况下的应用程序类型是web应用程序，但是您无法注册和发送客户ID和密码。用户（WordPress博客管理员或所有者）必须在devconsole中注册自己的应用程序。

如果您注册并硬编码客户端ID和密码，则最终用户将被提示访问WordPress YouTube插件（这对他们没有意义），而不是博客名称（他们知道他们正在阅读）。此外，分发Web应用程序的秘密还有多个安全问题。

I have a Wordpress plugin that will be used to display Youtube videos with YouTube Data API version 3. It will not request private information and will perform only read operations with the list method.

I do not know what "Application type" (Web application, Service account or Installed application) I have to select in OAuth 2.0 to access Google APIs to use in a Wordpress plugin.

Should I add my client id and client secret in the plugin?

What is the most appropriate way to use the OAuth in an application of this type? I would greatly appreciate any link to a tutorial.

Should I request the user to register its own application in the Google APIs Console?

解决方案

Assuming that end users, people vising the WordPress blog, want to see their own videos and as a result each end user must go separately through the approval flow.

Unfortunately there is no ideal solution for this case.

The application type in this case is web application, but you cannot register and ship the client id and secret. The user (the WordPress blog admin or owner) has to register its own application in devconsole.

If you do register and hard code the client id and secret, then end users will be prompted to give access to "WordPress YouTube plugin" (which makes no sense to them) instead of "Blog Name" (which they know they are reading). Also, there are multiple security issues with distributing the secret for a web app.

这篇关于OAuth 2.0访问Google API for Wordpress插件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！