问题
What is desired: A chrome extension which uses google ooauth2.0 to log-in in extension, and sends data of his action safely to my servers with access token, where I get user details from the access token and save his actions, server implementation in php.
What I have done: Registered Google API Access 'Client ID for web applications' with redirect Url http://www.google.com/robots.txt, as explained by http://smus.com/oauth2-chrome-extensions/.
Based on same tutorial and their code I am getting access token of user in extension and able to send that to my server, with data..
Problems: 1) Now on my server I need to get data from that token..I need to call https://www.googleapis.com/oauth2/v1/userinfo?access_token=ya29.AHES6ZRCgM2nEI0-25KvlmIuZdSH6DbY1rhj9M4auzF86kHXobOeFA page but its not working.. 2) when I click on inspect popup in chrome I can see the client id and client secret, isn't the secret supposed to be safe??
Hence I am totaly lost in the flow...is the access token supposed to be in the same format..I am not even sure.. Please if someone have done something similar suggest me a complete library, with client and server side work..
P.S. As google documentation now says oauth1.0 is deprecated and will be removed soon..(while giving all demo code only in oauth1.0..) Please don't suggest any oauth1.0 lib..
来源:https://stackoverflow.com/questions/10357281/implementing-google-oauth2-for-chrome-extension-interecting-with-our-servers