[Aerogear-users] Cross-client auth support?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

[Aerogear-users] Cross-client auth support?

Michael Doo

For the Aerogear iOS OAuth2 library, does it support cross-client authorization as documented here: https://developers.google.com/identity/protocols/CrossClientAuth? I have a project configured in the Google Developers console with two OAuth2 client IDs. I'd like to have my iOS app send a token request that contains both client IDs (one in the client_id field and another in the audience field) and receive a token that has the server_code field which I would then send to my web app to get it's own refresh/access tokens. Example requests below.

Token request:
audience  <web app client ID>.apps.googleusercontent.com
client_id <iOS app client ID>.apps.googleusercontent.com
code  4/qmOAPMYafdJ1Qs14o6wK9Ok_p4bhkzjab72wwLtLg5A
grant_type  authorization_code
redirect_uri  com.googleusercontent.apps.<iOS app client ID>:/oauth2callback
verifier  81803532

Token response:
access_token  String  ya29.NgL_Yz4eECZQR0aHbrYh5_A06Rif_dQYxBLXXZLm5OQiInwKGcKI8Nd2PhxLNtV-XzoQ
token_type String  Bearer
expires_in  Integer 3600
refresh_token String  1/4aumZ1PQ00zk4xrc4W-xgjMIHA1GnDtpmc17Fopx9-RIgOrJDtdun6zK6XiATCKT
server_code String  4/qz-ClSW_wudBxj5H7cCFhaNDYQQrtcytAokQje_XKf0 <---- NEW!
id_token String  eyJhbGciOiJSUzI1NiIsImtpZCI6...

Michael Doo

Aerogear-users mailing list
[hidden email]