如何知道谷歌账户是否在谷歌应用程序域名下? [英] How to know if a google account is under a google apps domain?
问题描述
我正在开发一款应用程序,允许用户将他们的云端硬盘文件分享给朋友。但是,Google App帐户存在问题,例如 someone@somadomain.com
,其中的文件无法与不在该域下的用户共享。尽管共享策略可以由 somedomain.com
的管理员进行更改,但我不希望人们使用我的应用与Google Apps帐户。
我也检查了这篇文章:如何确定该帐户是否为Google应用帐户?。但我不同意检查域来检测帐户类型的想法。因为人们可以使用任何电子邮件地址注册Google帐户。我只在Hotmail上注册了一个, someone@hotmail.com
,共享文件时没有域名限制。
任何人都可以帮忙吗?谢谢!
假设您包括:
https://www.googleapis.com/auth/userinfo.email
在您的OAuth范围,您可以提出请求:
https://www.googleapis.com/oauth2/v2/userinfo
如果是Google Apps帐户,则会返回hd参数(托管域?)与Google Apps域名的通话,因为它的价值。如果是消费者帐户,无论是@ gmail.com还是潜在的冲突帐户,都不会返回hd参数。看我下面的例子。 admin@jay.powerposters.org是一个Google Apps帐户,而consumer@jay.powerposters.org是一个消费者帐户。如果我在Google Apps域中创建了一个消费者用户,它将成为一个冲突帐户,而消费者帐户将被推出@ jay.powerposters.org命名空间,但尚未发生。
对于admin@jay.powerposters.org:
$ b
GET https://www.googleapis.com / oauth2 / v2 / userinfo
HTTP / 1.1 200 OK
内容长度:99
X-xss-protection:1; mode = block
...
{
email:admin@jay.powerposters.org,
verified_email:true,
hd:jay.powerposters.org
}
对于消费者@ jay .powerposters.org:
GET https://www.googleapis.com/oauth2/v2/userinfo
HTTP / 1.1 200 OK
内容长度:71
X-xss-protection:1; mode = block
{
email:consumer@jay.powerposters.org,
verified_email:true
}
I am working on an app that allows user to share their Drive files to friends. But there is a problem of Google App Account, like someone@somadomain.com
, of which files cannot be shared with people who are not under that domain. Although the share policy can be changed by admin of somedomain.com
, but I prefer not allowing people use my app with Google Apps Account.
I also check this post: How to determine if the account is a Google apps account?. But I don't agree with the idea of checking domain to detect account type. Because people can register Google Account with any email address. I just registered one with my Hotmail, someone@hotmail.com
, which has no domain restriction when sharing a file.
Can anyone help with this? Thanks!
Assuming you included:
https://www.googleapis.com/auth/userinfo.email
in your OAuth scopes, you can make a request to:
https://www.googleapis.com/oauth2/v2/userinfo
If it's a Google Apps account, an "hd" parameter (Hosted Domain?) will be returned by the call with the Google Apps domain as it's value. If it's a consumer account, whether it's @gmail.com or even a potential "conflicting account", the hd parameter will not be returned. See my example below. admin@jay.powerposters.org is a Google Apps Account while consumer@jay.powerposters.org is a consumer account. If I created a consumer user in the Google Apps domain it wouuld become a conflicting account and the consumer account would be pushed out of the @jay.powerposters.org namespace but that hasn't happened yet.
For admin@jay.powerposters.org:
GET https://www.googleapis.com/oauth2/v2/userinfo
HTTP/1.1 200 OK
Content-length: 99
X-xss-protection: 1; mode=block
...
{
"email": "admin@jay.powerposters.org",
"verified_email": true,
"hd": "jay.powerposters.org"
}
For consumer@jay.powerposters.org:
GET https://www.googleapis.com/oauth2/v2/userinfo
HTTP/1.1 200 OK
Content-length: 71
X-xss-protection: 1; mode=block
{
"email": "consumer@jay.powerposters.org",
"verified_email": true
}
这篇关于如何知道谷歌账户是否在谷歌应用程序域名下?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!