I’m setting up CBL on android with SGW 2.1 and CBS 6.0.
I’ve implemented session authentication with Google Sign-in, which is working correctly.
How do I make requireUser() work with session authentication?
I’ve tried setting the “name” field in the body of the “/_session” endpoint request, but I get an “Unauthorized” response from SGW.
Am I supposed to create a user (with the Admin interface?) before I can create a session with a valid token ID? This doesn’t make sense. How can I automatically create users, or how do I associate a valid session with a username for checking “requireUser()”?
Could someone please explain the point of using Implicit Flow if I have to create a web app for user creation anyway? Isn’t it easier to use Auth Flow directly and handle everything at the same time on my web app?
The OIDC provider is responsible for giving us the user ID, which is used by Sync Gateway to register the user. I’m not sure on Google’s specific implementation or what it gives us as a username, but I suspect it’s noted somewhere in the Google Accounts settings or documentation.
There should be no body sent with your _session request, only the Authorization: Bearer $GOOGLE_TOKEN header. The "register': true option you have in your config should automatically register new users in Sync Gateway once they are successfully authenticated via OIDC.