I am facing an issue understanding the oauth2 flow. A user(identified by a user_id) initiates the GoogleAccounts connection in the browser.The request is passed to Servlet that sends Redirect String To Client (Javascript), which in turn redirects user to that Auth URL. On User Consent, the response is returned to callback url (mapped to a servlet). My Confusion here is when callback servlet is called,how do i identify to which user(user_id) does this authCode belong to? Do i have to use state param of oAuth2 ?
Please help.