使用django-rest-auth在Android中进行Google登录 [英] Google Sign-in in Android with django-rest-auth
问题描述
我一直在尝试在Android中添加Google登录,但是有一些疑问.从Android文档集成google登录android 在服务器端身份验证部分,需要 Client Id
,这是后端服务器的OAuth 2.0 Web应用程序 client ID
.
I've been trying to add Google Sign-In in Android but have a couple of doubts.
From the Android documentation Integrate google sign in android
In the server side authentication part Client Id
is required which is OAuth 2.0 web application client ID
for your backend server.
摘自android文档:
From android's documentation:
获取后端服务器的OAuth 2.0客户端ID如果您的应用通过后端服务器进行身份验证或从后端服务器访问Google API,则必须获取为服务器创建的OAuth 2.0客户端ID.查找OAuth 2.0客户端ID
Get your backend server's OAuth 2.0 client ID If your app authenticates with a backend server or accesses Google APIs from your backend server, you must get the OAuth 2.0 client ID that was created for your server. To find the OAuth 2.0 client ID
据我了解,流程为:
- Android应用程序将从Google获取
验证码
,并将其传递给后端. - 后端将从Android应用程序中获取具有
auth code
的访问令牌
和client secret
. - 使用
访问令牌
,我们获得用户的信息,并且访问令牌
保存在数据库中.
- Android app will get the
auth code
from google which will be passed to the backend. - The backend will get the
access token
with theauth code
from the android app and theclient secret
. - With the
acess token
we get the user's information and theaccess token
is saved in the database.
我的疑问是:
- 我在StackOverflow上的某个地方读到,我们需要创建两个OAuth客户端,一个用于Android,一个用于Web应用程序.这是真的吗?
- Django Rest Auth登录视图需要定义一个
redirect_url
,但对于Android设备,我不理解redirect_uri
是什么,否则我们需要通过网址,同时从Google获取身份验证代码
. - 在OAuth游乐场上,我放入了后端的
client id
和client secret
,并获得了auth code
,当我通过此auth代码
到我的登录视图中,我得到了redirect_uri_mismatch
,但是如果我将redirect_url ='developer.google.com'
设为有效,那么我猜身份验证代码
包含从中生成主机信息,这就是为什么它应该与我的rest-auth视图中的redirect_url
相同,但是对于android来说应该是什么?
- I read somewhere on StackOverflow that we need to create two OAuth client one for Android and one for Web Application. Is this True?
- Django Rest Auth Login View need to have one
redirect_url
defined but I don't understand what would be theredirect_uri
in case of Android device or we need to pass this URL while getting theauth code
from Google. - On OAuth Playground I put my backend's
client id
andclient secret
and got theauth code
and when I passed thisauth code
to my login view I was getting theredirect_uri_mismatch
but If I putredirect_url = 'developer.google.com'
It works, I guess theauth code
contains host information from where it is generated that's why this should be the same asredirect_url
in my rest-auth view but then for android what it should be?
这是我的Google登录视图.
Here is my Google Login View.
class GoogleLogin(SocialLoginView):
adapter_class = GoogleOAuth2Adapter
client_class = OAuth2Client
callback_url = 'localhost:8000' # What this should be?
如果我忘记放任何东西,请询问更多信息.
Please ask for more information If I forgot to put any.
我正在使用这个 django-rest-auth
一些有用的链接-
- https://github.com/Tivix/django-rest-auth/issues/262#issuecomment-256562095 #它说回调URL可能是伪造的,但我得到了
redirect_uri_mismatch
- https://github.com/Tivix/django-rest-auth/issues/262#issuecomment-256562095 # It says callback URL could be a fake one but I get
redirect_uri_mismatch
推荐答案
所以最后,我弄清楚了,回答我自己的问题,以便有人会发现这很有帮助.
So Finally, I figured it out, Answering my own question so someone might find this helpful.
- 是的,您需要两个客户端ID,一个用于Android设备,一个用于Web应用程序.
- 只需添加 http://localhost:8000/accounts/google/login/callback/作为
callback_url
在GoogleLoginView中,然后将其放入您的Google开发者控制台中. - 我不完全知道Android生成的身份验证代码是否包含任何主机信息,但似乎只要您在登录视图类和Google Developer Console中添加的回调URL相同,它将起作用.
- Yes, you need two client id one for your Android device and one for your web application.
- Just add http://localhost:8000/accounts/google/login/callback/ as
callback_url
in the GoogleLoginView and put the same in your Google developer console. - I don't know exactly if the auth code generated by the Android contains any host information or not but it seems as long as the callback URL you added in the login view class and in google developer console is the same it will work.
您的Google登录视图应如下所示.
Your Google sign in view should look like this.
class GoogleLogin(SocialLoginView):
authentication_classes = (JSONWebTokenAuthentication,)
adapter_class = GoogleOAuth2Adapter
callback_url = 'http://localhost:8000/accounts/google/login/callback/'
client_class = OAuth2Client
注意:如果要将身份验证代码传递给此视图,但如果要传递
access_token ,则只需要
callback_url
和client_class
code>,则不需要callback_url
和client_class
.
Note: You only need
callback_url
andclient_class
in case where you are passing the auth code to this view but if in you are passing theaccess_token
thencallback_url
andclient_class
is not necessary.
这篇关于使用django-rest-auth在Android中进行Google登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!