Reputation: 34556
I'm implementing single sign-on via Google into my site and it's working fine, BUT: I need it to support various instances of the website.
This is a problem because Google does not seem to support any sort of dynamism in the redirect URLs. From the docs about redirect URLs:
Determines where the API server redirects the user after the user completes the authorization flow. The value must exactly match one of the authorized redirect URIs for the OAuth 2.0 client, which you configured in the API Console.
This is annoying to say the least; no wildcards, no query string variation - has to match exactly the value you store in the console.
So my question is: does anyone know of any means of telling Google's auth service to return custom data appended to the redirect URL?
I'm thinking something like
$google->setRedirectUri('http://example.com/foo');
//pseudo code...
$google->setCustomRedirectData([
'foo' => 'bar'
]);
...which would generate
http://example.com/foo?code=...&other_google_params=...&foo=bar
Is there any way for this, or do I have no option but to specify literally every redirect URL manually?
Upvotes: 3
Views: 1712
Reputation: 180004
We use the state parameter for this. In our case, we only need to store a small amount of data (which of our wildcarded subdomains or custom domains the user came from) and it's quite effective.
The format of it is up to you. We base64 encode some (non-sensitive) JSON into it.
Upvotes: 5
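The approach in this answer, as an added example that is not part of the original post: the instance host travels in the OAuth `state` value as base64url-encoded JSON, and the callback on the single registered redirect URI decodes it before sending the user back. The example goes beyond the answer by signing the value with an HMAC, binding it to a session nonce, and checking the host against an allowlist, because `state` returns through the user's browser and can be altered. The function names, key, and hosts are constructed for illustration, and it assumes the login starts and ends on the one registered host so that host's session holds the nonce.

```php
<?php
// Added example: the key, hosts and function names are constructed placeholders.
const STATE_KEY = 'replace-with-a-random-server-side-secret';
const ALLOWED_HOSTS = ['a.example.com', 'b.example.com'];

function b64url_encode(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64url_decode(string $txt) {
    // Restore the padding that b64url_encode() stripped, then decode strictly.
    $padded = str_pad($txt, strlen($txt) + (4 - strlen($txt) % 4) % 4, '=');
    return base64_decode(strtr($padded, '-_', '+/'), true);
}

// Build the value sent as the OAuth 2.0 "state" parameter.
function make_state(string $host, string $nonce): string {
    $payload = b64url_encode(json_encode(['host' => $host, 'nonce' => $nonce]));
    $mac = b64url_encode(hash_hmac('sha256', $payload, STATE_KEY, true));
    return $payload . '.' . $mac;
}

// Validate the returned state; yields the instance host or null.
function read_state(string $state, string $sessionNonce): ?string {
    $parts = explode('.', $state);
    if (count($parts) !== 2) return null;
    [$payload, $mac] = $parts;
    // Reject anything not signed by this server (constant-time compare).
    $expected = b64url_encode(hash_hmac('sha256', $payload, STATE_KEY, true));
    if (!hash_equals($expected, $mac)) return null;
    $data = json_decode((string) b64url_decode($payload), true);
    if (!is_array($data) || !isset($data['host'], $data['nonce'])) return null;
    if (!is_string($data['host']) || !is_string($data['nonce'])) return null;
    // The nonce ties the response to the browser session that began the login.
    if (!hash_equals($sessionNonce, $data['nonce'])) return null;
    // Only redirect to known instances, never to an arbitrary host.
    return in_array($data['host'], ALLOWED_HOSTS, true) ? $data['host'] : null;
}

$nonce = bin2hex(random_bytes(16));            // kept in the session before redirecting
$state = make_state('b.example.com', $nonce);
var_dump(read_state($state, $nonce));                           // valid round trip
var_dump(read_state(make_state('evil.test', $nonce), $nonce));  // host outside the allowlist
var_dump(read_state($state . 'x', $nonce));                     // altered signature
var_dump(read_state($state, 'another-session'));               // nonce from a different session
```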