强制用户通过Google OAuth2选择帐户 [英] Forcing a user to choose an account via Google OAuth2
问题描述
我的应用程序中具有以下工作流程:
I have the following workflow in my application:
- 用户登录到我的自定义应用程序
- 用户单击按钮以链接其YouTube帐户
- 应用程序使用下面的代码列出服务器端请求
- 用户被重定向到Google身份验证网址
此时,发生以下两种情况之一:
At this point, one of two things happens:
[我从不想要这种行为] -如果用户仅登录了一个Google帐户(即gmail,Google Apps for Domains等),则永远不会要求用户选择要链接的帐户.它只是假设他们要使用已登录的那个,然后按照它的喜好进行操作.
[I never want this behaviour] - If the user is logged into exactly one Google account (i.e. gmail, Google Apps for Domains, etc...) the user is never asked to choose which account to link. It just assumes they want to use the one they are logged into and goes upon its merry way.
[我总是想要这种行为] -如果用户未登录任何Google帐户,或者他们登录了多个Google帐户,则要求他们选择要继续使用的帐户.
[I always want this behaviour] - If the user is either not logged in to any Google accounts, or they are logged in to more than one Google account then they are asked to choose which account they'd like to proceed with.
问题:即使该用户当前已登录一个Google帐户,我是否可以通过这种方法来强迫该用户选择一个帐户?
Question: Is there a way for me to force the user to choose an account, even if the user is currently logged into a single Google account?
代码:
private def getFlow() = {
if (flow == null) {
logger.info("Using OAuth client secrets file: " + GoogleOAuthService.CLIENT_SECRETS_JSON)
clientSecrets = GoogleClientSecrets.load(JacksonFactory.getDefaultInstance(),
new InputStreamReader(getClass.getResourceAsStream(GoogleOAuthService.CLIENT_SECRETS_JSON)));
redirectUri = clientSecrets.getDetails().getRedirectUris().get(0)
flow = new GoogleAuthorizationCodeFlow.Builder(
httpTransport, JacksonFactory.getDefaultInstance(), clientSecrets, SCOPES).setDataStoreFactory(
dataStoreFactory).setAccessType("offline").setApprovalPrompt("force").build()
}
flow
}
def newAuthorizationUrl(userId: String) = {
val urlRequest = getFlow().newAuthorizationUrl()
urlRequest.setAccessType("offline")
.setRedirectUri(redirectUri).setState(userId).build()
}
推荐答案
我认为您可以在url中添加一些参数来告诉google使用用户帐户显示同意屏幕,而不是使用默认的google帐户.
I think you can add some parameter in the url to tell google to show the consent screen with the user accounts instead of assuming the default google account.
这可以通过在URL中添加prompt=select_account+consent(URL编码的一部分添加"+")来完成.
This can be done by adding prompt=select_account+consent ("+" is added as a part of url encoding) in the url.
到目前为止,我还没有尝试过,但是也许您可以尝试.
I did not try this till now but maybe you can try.
这篇关于强制用户通过Google OAuth2选择帐户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
