OpenID的连接"谷歌&QUOT之间的差异;和"登录在与谷歌"? [英] Difference between Google "OpenID Connect" and "sign-in with Google"?
问题描述
我希望用户在我的网站上使用谷歌帐户验证/登录我的网站。主使用情况是用户可以编辑和生成的内容,我们要记录所有权的安全方式。我们不希望获得用户的谷歌的数据,我们只是想验证用户身份的方法。
I want users to my website to use Google Accounts to authenticate / sign in to my website. The primary use case being users will edit and generate content and we want to log ownership in a secure way. We are not interested in obtaining users Google data, we just want a means to authenticate users.
谷歌搜索后,我遇到了一些文件,这似乎可以解释如何做到这一点的 OpenID的连接(的OAuth 2.0来了登录)。但文档马上说:注意:如果你想提供一个登录在与谷歌为您的网站或应用按钮,我们建议使用Google+登录功能,...,而如果按照链接,最终你需要来 Google+登录。
After googling, I came across some documentation, which seems to explain how to do this OpenID Connect (OAuth 2.0 for Login). But the documentation immediately says "Note: If you want to provide a "sign-in with Google" button for your website or app, we recommend using Google+ Sign-In, ...", which if you follow the link ultimately takes you to Google+ Sign-In.
有什么文件,这两个页面之间的区别?为什么首先告诉你去第二个同时的不是说首先是德precated 的?都/无论是适合我的使用案例?所有它说的是:我们推荐的我想知道为什么,为什么他们推荐它
What's the difference between these two pages of documentation? Why does the first tell you to go to the second while not saying the first is deprecated? Are both/either suitable for my use case? All it says is "we recommend" I want to know WHY, WHY do they recommend it?
更新:我还发现另一个链接,这似乎是另一种记录方法<一href=\"https://developers.google.com/accounts/docs/OAuth2WebServer\">https://developers.google.com/accounts/docs/OAuth2WebServer我认为,这仅仅是授权,即授权您的应用程序,使谷歌API调用来获取用户数据,因此不能用于认证/登录。
UPDATE: I also found yet another link which seems to be documenting another approach https://developers.google.com/accounts/docs/OAuth2WebServer I think this is just for "Authorization" i.e. authorizing your app to make google api calls to get user data, so cannot be used for authenticating/sign-in.
BTW我建立自己的网站与斯卡拉喷雾BE REST API和放大器; NG JS FE。
BTW I'm building my website with a Scala Spray BE REST API & NG JS FE.
推荐答案
这两个的比较,请这里
Google+登录使用配置文件范围
Google+ Sign-In with profile scope
- 的谷歌客户端库。这也可以使实施更容易,需要更少的锅炉板code
- 的Google+登录按钮,简化登录已经没有了pre-内置部件
- 支持超过空中的Android安装
对于使用OAuth 2.0,其中包括Google+和其他谷歌服务(如获取一个用户社交信息)的支持认证
的OAuth登录主要是只为验证的在一个较低的水平的,就是通过原始的HTTP请求,没有API。
OAuth login is primarily just for authentication at a lower level, that is by making raw HTTP requests, no API.
OpenID的连接协议(OAuth 2.0用户登录)
Google+登录支持OIDC的互操作性,如果你与OpenID范围来配置和获取用户简介使用getOpenIdConnect。
OpenID Connect protocols (OAuth 2.0 login) Google+ Sign-In supports OIDC interoperability if you configure with the openid scope and get the user profile using getOpenIdConnect.
OAuth 2.0用户登录支持OIDC直接。使用它为用户签单不需要社交功能并没有被Google+登录的支持的平台上运行的应用程序。
OAuth 2.0 login supports OIDC directly. Use it for signing in users to apps that do not need social features and run on platforms not supported by Google+ Sign-In.
这篇关于OpenID的连接&QUOT;谷歌&QUOT之间的差异;和&QUOT;登录在与谷歌&QUOT;?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!