Search code examples
iosgoogle-app-engineoauth-2.0google-plusgoogle-oauth

How to authenticate users in iOS app using Google Identity Toolkit?

I have followed the example provided in the Google Identity Toolkit documentation, Google Identity Toolkit - Quick-start App for iOS. Until now I have completed the following:

  1. The user can press "Sign in with Google" and is redirected to the Google consent screen.
  2. When correct Google account username and password is entered, the openUrl:method is called.

The code below illustrates the implementation of the openURL: method:

- (BOOL)application:(UIApplication *)application
            openURL:(NSURL *)url
  sourceApplication:(NSString *)sourceApplication
         annotation:(id)annotation {

  // Handle custom scheme redirect here.
  return [GITClient handleOpenURL:url
                sourceApplication:sourceApplication
                       annotation:annotation];
}

I see that the url variable contains the following information:

com.example.myapp:/oauth2callback?state=67688930&code=4/0JGe2u_FjoGrt_W67iJY2zCWRNgd.Yo023UKVHI4fBvB8fYmgkJyhcwpNkAI
  • com.example.myapp - Is my BundleID
  • oauth2callback - I don't know exactly were it comes from. However my WidgetURL is: https://myapp.appspot.com/oauth2callback, so I believe it is derived from that.
  • state and codeseems to be randomly generated every time.

However [GITClient handleOpenURL:url.. always returns NO which means that it cannot authenticate. What is going on?

I have tried with a similar sample app, Google Plus - Quick-start sample app for iOS, using the Google Plus API instead of the Identity Toolkit API. Here everything works fine.

The implementation of the openURL: method in the working example is seen below:

- (BOOL)application:(UIApplication *)application
            openURL:(NSURL *)url
  sourceApplication:(NSString *)sourceApplication
         annotation:(id)annotation {

  BOOL canHandleUrl = [GPPURLHandler handleURL:url
                             sourceApplication:sourceApplication
                                    annotation:annotation];
  return canHandleUrl;
}

Here the url variable contains the following information:

com.example.myapp:/oauth2callback?state=39225007&code=4/-zN9DyI5QX8Jfcc8ft4SGMNul2AH.MuDLv7lFMdIbPvB8fYmgkJxJ1flMkAI&authuser=0&num_sessions=1&prompt=consent&session_state=41a2c7b449624476165c31cd33e63bac561556a3..ca9c

I notice that some additional information is present. However I don't if this have any importance, or if it is just because another API is used.

To summarize my question: How do I configure Google Identity Toolkit to work with iOS?

Solution

  • There were some bugs in the iOS client.

    The bugs are now fixed in the iOS client, so if you experience the same problem, try to update. Or read my discussion with Google here to get a better understanding of Gitkit.