当我们从 Android 设备使用 google api 登录时,我无法区分这两者:requestIdToken 和 requestServerAuthCode。
我的要求是为用户提供登录 android 设备的选项,并在登录后将数据同步到我的服务器。 服务器需要验证来自 Android 设备的登录用户请求。我正在考虑使用“requestIdToken”。 在服务器端,我使用谷歌客户端库从 requestIdToken 获取用户信息。
最佳答案
有
requestIdToken (String serverClientId)
Specifies that an ID token for authenticated users is requested. Requesting an ID token requires that the server client ID be specified.
还有
requestServerAuthCode (String serverClientId)
Specifies that offline access is requested. Requesting offline access requires that the server client ID be specified.
You don't need to use requestIdToken(String) when you use this option. When your server exchanges the code for tokens, an ID token will be returned together (as long as you either use requestEmail() or requestProfile() along with your configuration).
The first time you retrieve a code, a refresh_token will be granted automatically. Subsequent requests will only return codes that can be exchanged for access token.
<子>来自 the docs .
如您在此处所见,requestServerAuthCode()
专门用于请求离线访问。如果不需要,使用 requestIdToken()
关于android - 谷歌登录中的 requestIdToken 和请求 ServerAuthCode 有什么区别,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39668773/