CODEWITHSUNDEEP
javaauthenticationgwtopenidauthorization
Andrey Agibalov
Andrey Agibalov

Reputation: 7694

Authorization/Authentication with Google account in GWT

I'm trying to enable my GWT application authenticate users with their Google accounts. What I basically need is just to have an unique value for every user and be sure that these values will always describe correct users. The main requirement is, the number of lines of code I have to write is as small as possible :-)

I'm trying to use gwt-oauth2 library, but it looks like the whole idea of OAuth is to provide a token that allows access to different private resources like mail, contacts, etc., but it doesn't define the user itself.

Question #1 - is that right that token Google gives me only defines "session with rights to access user's private data" and it doesn't define "the unique user"?

Question #2 - should I use OpenID instead, since I'm 100% sure I'll never need to access any private data and the only thing I need is to have user's unique descriptor?

For those who consider it a duplicate of Easiest way to enable Google authentication for GWT application? (non-GAE-hosted). This question is not about libraries to use to solve the problem ASAP, this question is about understanding of "whether authentication is a subset of authorization". The question is OAuth vs. OpenID for my case.

Upvotes: 2

Views: 1123

Answers (2)

Zied Hamdi
Zied Hamdi

Reputation: 2662

If you're searchig to go further by controlling what is visible/enabled to the user (authorizations), and how it is displayed. I just created a solution for that. I hope you'll enjoy:

Use the project UiBinderAutho to catch widget creation and adapt them to your needs (connected profile ui, rights, widget handlers). Some explanations here http://ziedhamdi.github.io/UiBinderAutho/

here are the github projects https://github.com/ziedHamdi

Upvotes: 0

Chris Cashwell
Chris Cashwell

Reputation: 22899

1) The point of OAuth is to allow a site owner to access certain info the user allows. You don't get a "unique user", however you could request their e-mail address and/or name and store that, then retrieve it when they log back in via OAuth.

2) Yeah, OpenID probably a better option for your use case. If you're not saving the user's info, don't bother asking them to give you access to it. OpenID does offer unique IDs for users.

Upvotes: 3

Related Questions