Administrators jarto 724 Posted October 31, 2020 Administrators Report Share Posted October 31, 2020 TW3GoogleLogin is a non-visual component, which is available in the Designer's Cloud-tab. It lets you add Single-Sign-On to your web page using Google credentials. To use this, you need a ClientID, which you can obtain by registering at Google: https://developers.google.com/identity/sign-in/web/sign-in When you register, you need to specify the URI where you're going to host your web app. This is also where you need to copy the html code that Smart Mobile Studio produces when you compile your app. So, if you plan to have it at https://myserver.example.com/mywebapp/index.html, then you need to register https://myserver.example.com as an Authorized JavaScript origin. The ClientID is something like this: 5960xxxxxxx-80a9bkbkuumbcu9vt5c9pe0u8lmif31s.apps.googleusercontent.com Then add TW3GoogleLogin to your form and set the necessary properties and events: Properties: AutoLogin: If true, your web page will automatically call Login, which pops up Google's login form ClientId: ClientID for your Google web app Enabled: When this is set to True, the component loads Google's SDK and checks if you're already logged in Prompt: default is select_account, which means that Google's login form will also ask which account you want to use Scope: What information to ask from Google. Default is empty, which means that we only ask for profile and email. SDK: The Google SDK to load. This default value is usually ok. Events: OnLogin: Is called when the Login is successful OnLogout: Is called when user logs off OnError: Is called when there are errors. Error- and Details-parameters give more information. Methods: Login: Opens Google's login form Logout Useful properties after login: UserName UserEmail UserToken Most of the time you only need to: Set ClientID Set Enabled to True, which will automatically load Google's SDK Set the OnLogin- and OnLogout-events In OnLogin, get the name, email and token. Call Login (for example, from a Button's or Image's OnClick-handler) And when you test, make sure to do it with a browser from the registered URI. Don't expect this to work from SMS's console. Finally, a few words about security. Do not blindly trust the information that you receive. As this all happens in the client, you can not automatically trust UserName and UserEmail. So, when you do add this kind of SSO-support to log into a backend server, pass on the UserToken to the backend server, which should separately call Google's services to verify the token. IgorSavkic and IElite 2 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.