Is it correct to directly link the Google OAuth URL (ex. : https://accounts.google.com/o/oauth2/auth?response_type=code&redirect_uri=https://myredirecturl.com/login&client_id=xxxxxx-xxxxxxxxxx.apps.googleusercontent.com&scope=email+profile&access_type=online&approval_prompt=auto) generated by the Google libraries on my Sign-In with Google link.
Like currently first the user clicks on my Sign-In with Google button, then user goes to the authurl generator script and then he gets the Google Login button and then again he has to click on the login button to get to the Google Login UI. This is a long process so I had to ask this.
Currently this is my ui flow :
user opens my site: mywebsite.com
gets the following html :
<html><body> <div> <a href="www.mywebsite.com/googlelogin.php">Login with Google</a></div> <div> <a href="www.mywebsite.com/fblogin.php">Login with Facebook</a> </div> </body></html>Clicks Login with Google button & reaches again a Login button, here again the Login button appears & this is the 2nd time the user has to click to Login and then he reaches the GMAIL Login UI ? Why is this process not being done in one click ?
<html><body>
<a href="https://accounts.google.com/o/oauth2/auth?response_type=code&redirect_uri=https://myredirecturl.com/login&client_id=xxxxxx-xxxxxxxxxx.apps.googleusercontent.com&scope=email+profile&access_type=online&approval_prompt=auto">Login with Google</a> --- Here again the Login button comes and this is the second time the user has to click to Login ??? Why is this process not being done in one click??</body></html>UPDATE:
1st STEP / Screen : www.mywebsite.com/index.php
<html>
<head></head>
<body>
<a href="www.mywebsite.com/googlelogin.php">LOGIN WITH GOOGLE</a>
</body>
</html>
2nd STEP / Screen : mywebsite.com/googlelogin.php , here again a new LOGIN BUTTON is shown on which the user has to click to go to the GMAIL LOGIN UI.
session_start();
$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->addScope("email");
$client->addScope("profile");
//incase of logout request, just unset the session var
if (isset($_GET['logout']))
{
unset($_SESSION['access_token']);
$client->revokeToken();
session_destroy();
}
$service = new Google_Service_Oauth2($client);
if (isset($_GET['code']))
{
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
exit;
}
//Set Access Token to make Request
if (isset($_SESSION['access_token']) && $_SESSION['access_token'])
{
$client->setAccessToken($_SESSION['access_token']);
}
//Get User Data from Google Plus
if ($client->getAccessToken())
{
$userData = $service->userinfo->get();
$_SESSION['access_token'] = $client->getAccessToken();
}
else
{
$authUrl = $client->createAuthUrl();
}
**//here comes the 2nd Login Button**
**//here comes the 2nd Login Button**
**//here comes the 2nd Login Button**
**//here comes the 2nd Login Button**
if (isset($authUrl))
{
//show login url
echo '<div>Please click login button to connect to Google.</div>';
echo '<a href="' . $authUrl . '">LOGIN WITH GOOGLE </a>';
}
else
{
$user = $service->userinfo->get(); //get user info
echo 'Welcome '.$user->name.'! ';
}
来源:https://stackoverflow.com/questions/49362404/is-it-correct-to-use-the-oauth-url-on-href-to-link-to-the-google-oauth-login-ui