Hello readers 🙂 If you want to know how to add Google Login to your website or WebApp without using existing Google’s API, then this series of tutorial is for you. Hoping that you will find it useful. So let’s begin. There are two ways of adding Google Login (Authentication) to your website or web app.
- Using OpenID Connect (OAuth 2.0 for Login)
- Using Google+ Sign-In client library that is built on the OAuth 2.0 and OpenID Connect protocols.
Google always recommends using existing client libraries rather that implementing Open Id connect authorization programmatically. This is because various security reasons. If you want to provide a “sign-in with Google” button for your website or app, Google recommends using Google+ Sign-In, which is Google’s sign-in client library that is built on the OAuth 2.0 and OpenID Connect protocols. Google+ Sign-in works with all Google accounts, whether or not they have a Google+ profile.
Whereas in this tutorial we are going to see first approach rather than using Google’s existing client libraries, that is how we can implement Google’s OAuth 2.0 for adding authentication and authorization to our website or web app.
In this approach we simply redirect (with some parameter, don’t worry we gone see it in detail) user to well know Google’s authorization endpoint URI, the process also called as Sending authentication request to Google, which will be handling login process (authentication and authorization). Once Google done with login then it will redirect back to our URI (again with some parameters i.e., onetime access code, if everything goes well or error if something fails). After that we again send another request (again with some essential parameters) to Google’s token endpoint, and which in response returns us a ID token and access token. Once we have obtained this ID token we are done. With the help of this ID token we can request required details about user, this process called as Obtaining user information from the ID token we gone see it in detail. And with the help of access token we can handle user’s account using various Google APIs. So let’s begin step by step.
Stay tuned.. Next post will be made available soon and Don’t forget to subscribe our blog.