将Google+登录限制为特定的Apps域 [英] Restrict Google+ Sign-In to specific Apps Domain
问题描述
当前使用OAuth服务器端一次性代码流,在此处进行讨论: https://developers.google.com/+/web/signin/server-side-flow
Currently using the OAuth server side one-time-code flow, discussed here: https://developers.google.com/+/web/signin/server-side-flow
非常适合Google登录.
Works perfectly for google login.
不过,我希望能够将登录名限制为仅适用于属于特定应用程序域的用户.
I want the ability, though, to limit this login to only work for users that belong to a specific apps domain.
是否可以通过api强制执行此操作?
Is there any way to enforce this through the api?
或者我是否只限于在Google身份验证之后才通过重新分配电子邮件域来这样做?(我想避免这种情况.)
OR am I limited to only doing this on my end after google authentication by regexing the email domain? (I would like to avoid this).
谢谢!
推荐答案
不支持通过Google登录进行此操作.如果有很好的用例,我们可以允许开发人员对客户端ID设置一些限制,并且很多开发人员都将从中受益.我看到的主要问题是我们必须向用户显示的错误消息.最好在您的网站上显示该错误(并进行解释).
There is no support for doing this through Google login. We could allow a developer to set some restrictions on the client id if there are good use cases and a lot of developers would benefit with it. The primary issue I see with is the error message that we have to display to the user. It is better to display that error (and explain) on your site.
通常,作为一种好习惯,您总是希望对系统/服务进行有关授权用户(例如检查域)的检查
In general, as a good practice, you would always want to do the checks on your system/services regarding the authorized user (e.g. check domain)
这篇关于将Google+登录限制为特定的Apps域的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!