I am using the Google OAuth2 API to control user login for my application. I have most of them that work correctly, until the moment when it checks the Google API session, when Angular changes the state. It will successfully catch cases when a user logs out of Google to the application and forces them to re-authenticate before they can continue.
The problem I encountered is when a user logs out of their Google account and then logs into another. I need to capture this and double-check their new Google account against our list of authorized user users and get the correct application user token for the new user. Now I am using:
gapi.auth.checkSessionState({ 'client_id': CLIENT_ID, 'session_state': token },
callback);
I also tried it with a parameter session_stateset to null, but that didn't seem to affect the functionality. It works great in cases where the user writes out a completely external application to Google, but does not notice the difference in Google accounts, if the user then signs back to the external application and tries to resume navigation without refreshing the page or otherwise resetting the GAPI JS client.
Am I missing something? Are there any other API methods or endpoints that I can request that will return a reported result if the user has changed Google accounts outside my application?
Thank.
source
share