Create a more engaging and personalized experience for your users by incorporating aspects of Google+ into your mobile app. Learn how your users can share pictures, links, and more into Google+ from your app, and how doing so can raise visibility and discoverability of your application.
30. How does Google+ Sign-in work?
Based on OAuth 2.0
App
User
Google
Consent Permission
No password sharing
Scoped access
Revocable
31. Setting up
Developer Console Project
https://developers.google.com/console
APIs
Credentials
iOS Client ID
Android Client ID
Web Client ID
Branding
Permissions
Management
32. The Auth Triangle
You Google
Connecting lines
need authentication
Client
Server
Google APIs
36. Client Authentication: Android
SDK Architecture
Android
Your App
Google APIs
Google Play
Client Library
Google Play Services APK
Authorize using existing accounts on Android device
38. Client Authentication: Android
Handling Connection Failure
public void onConnectionFailed(ConnectionResult result) {
    if (!mIntentInProgress && result.hasResolution()) {
        try {
            mIntentInProgress = true;
            startIntentSenderForResult(result.getResolution().getIntentSender(),
                    RC_SIGN_IN, null, 0, 0, 0);
        } catch (SendIntentException e) {
            // The intent was canceled before it was sent. Return to the default
            // state and attempt to connect to get an updated ConnectionResult.
            mIntentInProgress = false;
            mApiClient.connect();
        }
    }
}
Java
User needs to select account, consent to permissions, ensure network connectivity, etc. to connect
40. Client Authentication: Android
Connection successful
public void onConnected(Bundle connectionHint) {
    // Retrieve some profile information to personalize our app for the user.
    Person currentUser = Plus.PeopleApi.getCurrentPerson(mApiClient);
    // Indicate that the sign in process is complete.
    mSignInProgress = STATE_DEFAULT;
}
Java
46. Client Authentication: iOS
Perform Sign-In, Option 2 (create your own button)
Create own button / use action sheet / …
// trigger sign-in
[[GPPSignIn sharedInstance] authenticate];
Objective-C
Silent sign-in if user has signed in before
// silently sign in
[[GPPSignIn sharedInstance] trySilentAuthentication];
Objective-C
50. Client Authentication: Web
Integrate sign-in button
<div id="gConnect">
  <button class="g-signin"
      data-scope="https://www.googleapis.com/auth/plus.login"
      data-requestvisibleactions="http://schemas.google.com/AddActivity"
      data-clientId="YOUR_CLIENT_ID"
      data-callback="onSignInCallback"
      data-cookiepolicy="single_host_origin">
  </button>
</div>

<!-- Place plusone.js asynchronous JavaScript just before your </body> tag -->
HTML
51. Client Authentication: Web
Handle authorization callback
function onSignInCallback(authResult) {
  if (authResult['access_token']) {
    // Successfully authorized
  } else if (authResult['error']) {
    // User is not signed in.
  }
}
JavaScript
53. One-Time-Code Flow
Client, Server, Google APIs
1: Client-side auth request
2: OAuth 2.0 dialog triggered
3: access_token, one-time code, id_token
4: one-time code
5: exchange one-time code for access_token and refresh_token
6: access_token, refresh_token
7: “fully logged in”
54. Server Auth: One-Time Code
Integrate sign-in button
<div id="gConnect">
  <button class="g-signin"
      data-scope="https://www.googleapis.com/auth/plus.login"
      data-requestvisibleactions="http://schemas.google.com/AddActivity"
      data-clientId="YOUR_CLIENT_ID"
      data-cookiepolicy="single_host_origin"
      data-callback="signInCallback">
  </button>
</div>

<!-- Place plusone.js asynchronous JavaScript just before your </body> tag -->
HTML
55. Server Auth: One-Time Code
Handle authorization callback
function signInCallback(authResult) {
  if (authResult['code']) {
    // Send the code to the server
    $.ajax({
      type: 'POST',
      url: 'plus.php?storeToken',
      contentType: 'application/octet-stream; charset=utf-8',
      success: function(result) {
        // Handle or verify the server response if necessary.
        if (result) {
          console.log(result);
        } else {
          $('#results').html('Failed to make a server-side call.');
        }
      },
      processData: false,
      data: authResult['code']
    });
  } else if (authResult['error']) {
    console.log('There was an error: ' + authResult['error']);
  }
}
JavaScript
56. Server Auth: One-Time Code
Exchange one-time code
$code = $request->getContent();

// Exchange the OAuth 2.0 authorization code for user credentials.
$client->authenticate($code);

$token = json_decode($client->getAccessToken());

// Verify the token
...

// Store the token in the session for later use.
$app['session']->set('token', $client->getAccessToken());
$response = 'Successfully connected with token: ' . print_r($token, true);
PHP
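The "Verify the token" step above is elided on the slide. The following is an added example, not code from the deck or from Google's libraries, showing the checks such a step usually makes on a token-info style response before the token is stored in the session. The field names (`audience`, `user_id`, `expires_in`, `scope`), the `EXPECTED` object and all sample values are assumptions.

```javascript
// Added example: checks for the "Verify the token" step. Field names follow a
// token-info style response and are assumptions, as are all sample values.
const EXPECTED = {
  clientId: 'YOUR_CLIENT_ID',   // placeholder, same as on the slides
  userId: '1234567890',         // constructed: the user this session expects
  requiredScope: 'https://www.googleapis.com/auth/plus.login'
};

// Returns a list of reasons to reject the token; an empty list means accept.
function verifyTokenInfo(info, expected) {
  if (!info || typeof info !== 'object' || info.error) {
    return ['issuer rejected the token'];
  }
  const problems = [];
  // A token issued to another app must not log a user in here
  // (confused deputy).
  if (info.audience !== expected.clientId) {
    problems.push('audience is not our client ID');
  }
  // The token must belong to the user this session is being created for.
  if (expected.userId && info.user_id !== expected.userId) {
    problems.push('token belongs to a different user');
  }
  const ttl = Number(info.expires_in);
  if (!Number.isFinite(ttl) || ttl <= 0) {
    problems.push('token is expired');
  }
  const granted = String(info.scope || '').split(/\s+/).filter(Boolean);
  if (!granted.includes(expected.requiredScope)) {
    problems.push('required scope was not granted');
  }
  return problems;
}

// Constructed token-info responses.
const SAMPLE_OK = {
  audience: 'YOUR_CLIENT_ID', user_id: '1234567890', expires_in: 3599,
  scope: 'https://www.googleapis.com/auth/plus.login'
};
const SAMPLE_OTHER_APP = { ...SAMPLE_OK, audience: 'SOME_OTHER_CLIENT_ID' };

console.log(verifyTokenInfo(SAMPLE_OK, EXPECTED));
console.log(verifyTokenInfo(SAMPLE_OTHER_APP, EXPECTED));
```

Store the token in the session only when the returned list is empty.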
66. Summary
Do not build your own authentication system
Google+ makes authentication easy
Use interactive posts to engage your users
More info at http://developers.google.com/+