PGSGP: How works backend token verification? #73
Description
I would like to integrate token authentication on the server side for the PlayGamesServices so that only the server can make calls.
"Never trust the client" ;)
Seems to be a common practice:
https://developer.android.com/games/pgs/android/server-access
Here is a graphic (for better understanding):
https://developer.android.com/games/playgames/integrating-pgs-existing-id-solutions#restore_player_state
How can I have the token received - (on the backend) from the client - exchanged for the access token at Google Play Games Services. Is there a module for this or another solution? Thanks in advance! :)