When using 'Google Sign-In' (either via an official SDK such as the iOS SDK, or manually by popping up a browser view with the authorization page URL), there are ways to escape the sign-in view, and go to Google and search/browse the web (e.g. by clicking the "Privacy" link, scrolling to the bottom, and clicking the "Google" link)
I have an (iOS) app where I would like to just use Google for sign-in, but not give my users access to the web. Is there a way to lock down the Google Signin dialog to have this?
Related
If I open a link on the instagram app, it opens a web view.
When I'm trying to log into my website via Google Login while on the Instagram's App web view, my google login would freeze at the logging in process.
Does anybody know how to support logging in via the instagram App for Google Login?
Maybe you can use ux_mode redirect option in google oauth config: https://developers.google.com/identity/sign-in/web/reference#gapiauth2clientconfig
Google OAUTH does not allow for app web views and embedded app web view.
I'm developing a Xamarin forms mobile app (iOS). I would like the user of the mobile app to be authenticated by google auth in order to access WordPress (a.k.a. WP henceforth) Resources. I see the flow as follows:
User launches the Mobile App and is presented with the WP login screen where along with the WP login fields, there is a button that says 'Login with Google'.
Upon tapping on the 'Login with Google' button, the user is redirected to Google's login page where he/she enters Google credentials.
Google then redirects back in either one of the ways:
a. Google redirects to WP with necessary tokens which in turn redirects to the app with necessary tokens.
b. Google redirects back directly to the app with the necessary tokens.
Is this a valid scenario?
I know that Xamarin Forms has packages that support OAuth so that can be handled, but how would I go about setting this up between WP and Google Auth? What would the correct Redirect URL's be?
Appreciate any help that can be provided.
Thanks & Regards
Noel
"On April 20, 2017, we will start blocking OAuth requests using web-views for all OAuth clients on platforms where viable alternatives exist."
We received this notice. In our iOS app using the Google drive, but google drive sdk no updated. google drive sdk still uses the old way. We need to modify the authorization method?
If you are using the WebView for Google OAuth authentication (i.e. if the user has to type the Gmail address and password in a WebView), yes, you have to update it.
You have two options.
SFSafariViewController: Load the Google login URL in the SFSafariViewController instead of the WebView. If you are accessing any cookies in the WebView, you cannot do that in the SFSafariViewController. For iOS 8 and below, which does not support SFSafariViewController, you can fallback by opening the Safari browser to authenticate.
Google Sign In SDK: Use Google Sign In for iOS SDK. You put a Google Sign In button in your app and use the Google APIs to authenticate.
For more information, refer this presentation from Google devs: https://docs.google.com/presentation/d/1z7bgAqYcEt7EHRmwe3T-vF_iMw9e8Wyxr10wPudypEo/present?slide=id.g135ae23358_0_71
I try to implement authorization via google in my applications but I have one problem.
In normal browser authorization works the next way:
Click on google sign-in button
Open new page with google authorization
Denied/Grant permissions to app
Page closed automatically
Page with google sign-in button reloaded automatically
But in QML WebView the last 2 steps doesn't work. Does anybody has ideas how I can do this?
Thx
Use this example for WebView OAuth2 authentication. Usually Websites use OAuth2 for authentication and authorization. The Example is for Facebook , but it can be applied for Google.
I have a rails application that allows third party sites to embed my widget on their site. Part of the functionality of my app requires people to 'link up' their facebook accounts. Can this be done through a widget? Can they link up facebook to my app through a widget on a third-party site?
It should work if
your widget is in an iframe (so the window location url matches the one you set for facebook oauth)
and you use client side oauth (you don't want to overwrite top.location)
Why don't you try it and come back if you have any problems