Reputation: 843
How to authenticate a Google Games player on a backend server
The docs, once again, just have me going in circles
The Games sign-in documentation suggests using normal Google sign in procedure:
https://developers.google.com/games/services/android/signin
which points to using ID token for server-side user authentication:
https://developers.google.com/identity/sign-in/android/backend-auth
but, it seems, there isn't a way to obtain a Games player ID matching this verifiable ID token, which means in the end we can't establish authenticity of a Games player that did the sign-in.
I have also found a verify call that seem to be designed to obtain a Games player ID, but it is locked behind an access token, which would force additional permssions upon login, and a more complicated client-server exchange, and is undesirable in general, as we are not aiming to do any Google calls on users behalf.
It is bizarre that there isn't a direct way to check the Games id authenticity back with Google. Is there another authentication procedure for Games id, that I'm just missing maybe?
Upvotes: 1
Views: 885
Answers (1)
Reputation: 17720
It is bizarre that there isn't a direct way to check the Games id authenticity back with Google. Is there another authentication procedure for Games id, that I'm just missing maybe?
There is, and you mentioned it in your question: use the access token.
Hook that up with the Google_Service_Games ang you get the same ID. (Begins g; the openID is numerical only)
$googleClient = new \Google_Client();
$googleClient->setClientId(GOOGLE_OAUTH_CLIENT_ID);
$googleClient->setClientSecret(GOOGLE_OAUTH_CLIENT_SECRET);
$googleClient->setRedirectUri('postmessage');
$googleClient->setScopes('googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/games https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email');
$googleToken = json_encode([
'access_token' => $accessToken,
'token_type' => '',
'expires_in' => 1800,
'id_token' => '',
'refresh_token' => $refreshToken,
'created' => time()
]);
$googleClient->setAccessToken($googleToken);
$gamesService = new \Google_Service_Games($googleClient);
$me = $gamesService->players->get('me');
$me = $me->toSimpleObject();
Upvotes: 1
Related Questions
- Google PlayGamesAPI: How to validate ServerAuthCode in C#
- Google Play Games API returns SIGN_IN_REQUIRED
- Google Play Game Services Sign In callback
- Google auth in a service
- Implementing Google Play Game Services - How to let user sign in
- Google Play Services authentification in client-server application
- Getting Google Play Games player ID on server
- authenticating into Google Play Game Services on android results in error when signing in with Google Apps account
- Google play games login flow
- OAuth token with Google Play Game Services