How do I implement Google sign-in on iOS app? - oauth

I've been tasked with adding a "Sign In with Google" button to an iOS app. For background, I'm a contract developer doing work for a customer, and I do not own the app in question.
I did a quick search for how to do this, but the only answer I could find involved "set up a project in the Google API console" followed by "add a GIDSignInButton to your layout".
I do not have access to the app owner's Google Developer account (or know if they even have one), and I certainly do not want to "set up a project" in my own Google account that is associated with a customer's app.
Furthermore, the iOS project I'm working with does not currently have any third-party library integrations (no Swift packages, no CocoaPods, no workspace file) and I strongly prefer to keep it this way.
Is it possible to do Google authentication using a standard OAuth process (i.e. open a web page, and handle the redirect after authentication completes)? I have done other OAuth integrations this way so I know how it works.
Thanks,
Frank

Yes, you can sign-in using OAuth without using an SDK. Here are the instructions.
You will be required to setup a project and configure it's OAuth settings. This manages how your app will appear to users and implements OAuth security controls. No way around this, so you'll want to work with your Google Cloud administrator to gain access to an existing project or create a new one.

Related

Manage Google Assistant Actions programmatically

I'm trying to integrate my online Google Actions builder with Actions Console.
Now users have to manually create Actions JSON descriptor file and upload it to the project via gactions tool. But I would to let them upload their actions without these steps. As an example I saw that Gupshup service does this already - user has to authorise Gupshup once he would to upload his project, and all things perform behind the scene by Gupshup.
As I know I have to use some sort of Google API that allows to manage projects in Google Console with some specific OAuth scope - something like "Allow this service to manage Google Assistant dialogues and grammars".
Are there anybody who knows anything about such OAuth scopes and API?
You may be able to do something with the gactions tool, although there is no fully public API to manage Assistant console projects.

How to implement "Use one-click single sign-on" correctly in order to publish to Google Apps Marketplace

We already have a web app that integrate with differente Google services. Right now, you can loguin using a Google account, can import a contact lists from any Google account, and can sync a Google Calendar with our Calendar in the webapp (We implemented all of this using OAuth 2 and invoking the GoogleApi with a REST Client).
We are now trying to publish this app in the GoogleApp Marketplace, but we are failing to comply with the "Use one-click single sign-on" rule (https://developers.google.com/apps-marketplace/practices#5_use_one-click_single_sign-on).
We are believing that the problem is we the way we are solving the fact that we need offline access for all the integrated users in the app. Right now, the only way we found to get the refresh tokens for them, was starting the OAuth2 process with the parameters access_type=offline&approval_prompt=force, but this forces them to enter their credentials.
We aren't using the 'Google+ Domains API', and we are starting to believe that we should. Is the use of this API mandatory for complying with the "Use one-click single sign-on" rule?
Thanks,
Well, we finally figured it out. We had to use the Google Admin SDK in order to implement SSO. We had some troubles with the scopes, but after we polished that, everything seems to be working OK.

Google Apps Marketplace declare scopes multiple times?

I'm trying to build a Google Apps Marketplace App using the new APIs only available through OAuth2. We already have an app using the old APIs, but I'm having trouble figuring out how to have the same flow with OAuth2.
In our old app, the domain administrator would install the app and give it permissions. Then, we could just make requests using our app's id/secret without user interaction. (2-legged OAuth)
How would I do this with OAuth2? None of the flows described here sound like what I'm looking for.
I'm also having hard times to find out to get this new OAuth2 login up and running.
You will have to use service accounts to make requests on behalf of the user.
Documentation is here:
https://developers.google.com/accounts/docs/OAuth2ServiceAccount
I did not yet manage to get the flow working without each user being prompted again, but this most likely is because I need offline access:
Google Apps Marketplace SDK + Domain-wide OAuth 2 SSO

iOS 6 Twitter share without using system account

On a current project I would like to let a user that does NOT have a Twitter account setup login and tweet. Use case: this area of the app is being used by many different end users as part of a check-in process. It is not their personal iPad, they just use it for about 10 minutes to check-in for an event. During that check-in process I want to let them share to FB and Twitter if they choose.
I was able to accomplish the Facebook share without using the system account using Facebook's presentFeedDialogModallyWithSession API, which works great. Is there a similar API in the Twitter SDK? Is there another way I could do this that leverages the Social or Twitter framework?
Recommendations greatly appreciated.
You cannot do this with the built-in twitter SDK. You will need to use the "old" way of doing this, which is via oAuth or xAuth. A good framework for this can be found on github called FHSTwitterEngine. You will need to make your own UI for what you do with twitter itself, but it handles the login/authentication for you as much as possible.
Also this page may be useful to find other 3rd party frameworks (that is updated by twitter themselves) if you need to go outside of their regular SDK and the above does not get you what you want.

Google Plus Over the Air installs via server-side oauth

Google released nice feature called Over-The-Air Installs. But documentation has example only for google's sign-in button.
Checked Google API PHP Client and it doesn't have anything related. Tried adding apppackagename and app_package_name to authorization url - didn't help. Another problem is that Google doesn't enable this feature for all clients.
Is it possible to use it via oauth triggered on server-side? Does Google somehow indicate that you're allowed to use this feature?
It is currently not possible to trigger Over-The-Air Installs using the server-side flow. It is recommended that you use the client-server flow as described and demonstrated in the quick-start sample apps instead of using a server-side flow.
You can direct users to install the app at the conclusion of your install by linking to your app in the play store. From the play store, the user could still install your app directly to their device, it would just not happen in the sign-in dialog.
Even hybrid client-server flow needs to implement the "sign-in button" to your page...
https://developers.google.com/+/web/signin/server-side-flow
https://developers.google.com/+/web/signin/client-to-server-flow
Don't know why Google is doing this way!

Resources