I'm trying to construct a webapp to add events to an employee's google calendar and would like to use OAuth for authentication.
However, my webapp is forced to be on an intranet behind a firewall; the server has outbound internet access, but blocks in-bound access if you aren't on the intranet or VPNing into the intranet.
I'm reading up on OAuth, but can't figure out if part of the authentication-handshaking process would be blocked by my firewall. (And I'd like to know if its possible before spending time to implement if it isn't possible; and know so if I run into errors I can debug them).
OAuth should work just fine over http, using POSTs and GETs and if your client can set the Authorizatioon header. The client should create all the requests and as long as it follows redirects this should be ok - there's never (to my knowledge) a case where an external server initiates an inbound connection.
For added confidence try OAuth with an existing third party service from behind your firewall to be sure. This looks like a good starting point and this is the definitive guide for following the flows of an OAuth call.
To expand on planetjones's answer, as long as google can resolve the DNS for your application url oauth2 should work behind a fire wall. We had some issues getting getting oauth2 working behind our firewall because we were trying to use a non fully qualified domain name.
来源:https://stackoverflow.com/questions/6116542/oauth-on-a-webapp-behind-a-firewall-is-it-possible