With that said, what you're asking to do is log the user out of a service that really doesn't belong to you. Once your app knows who the user is, that person can log out of Google. In fact, I can log out of all of my Google accounts and still be logged into Stack Overflow. When your user logs out, he or she isn't logging out of Google, he/she is logging out of your app, or Stack Overflow, or Assembla, or whatever web application used Google OAuth to authenticate the user. Google and Stack Overflow, Assembla, Vinesh's-very-cool-slick-webapp, are all different entities, and Google knows nothing about your account on Vinesh's cool webapp, and vice versa, aside from what's exposed via the API you're using to access profile information. Here's where developers new to OAuth sometimes get a little confused. When you logout of your app, you're logging out of your app:
When you enter your Google password, Google then tells Stack Overflow you are who you say you are, and Stack Overflow logs you in. "Hang on a sec Stack Overflow, I'll authenticate this fella and if he can enter the right password for his Google account, then it's him". If you're logged in already, Google will say YES. "Yo Google, this Vinesh fella claims that is him, is that true?" I'm not sure if you used OAuth to login to Stack Overflow, like the "Login with Google" option, but when you use this feature, Stack Overflow is simply asking Google if it knows who you are: Overview of OAuth: Is the User Who He/She Says He/She is?:
0 kommentar(er)
