My android app currently uses the GoogleAuthUtil to signin users and fetch an access_token
which is passed to the backend (code snippets below which show creating the GoogleApiClient and using GoogleAuthUtil to get the token).
mGoogleApiClient = new GoogleApiClient.Builder(this)
.addConnectionCallbacks(this)
.addOnConnectionFailedListener(this)
.addApi(Plus.API)
.addScope(new Scope("profile"))
.build();
...
...
String accessToken = GoogleAuthUtil.getToken(GoogleLoginActivity.this,
Plus.AccountApi.getAccountName(mGoogleApiClient),
"oauth2:profile email");
which I then sent to the backend
I am now trying to move to the new Google SignIn - https://developers.google.com/identity/sign-in/android/sign-in
and so changed the GoogleApiClient creation like,
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.requestIdToken("<web client id>")
.build();
mGoogleApiClient = new GoogleApiClient.Builder(this)
.enableAutoManage(this, this)
.addApi(Auth.GOOGLE_SIGN_IN_API, gso)
.build();
and then to do the login use,
startActivityForResult(Auth.GoogleSignInApi.getSignInIntent(mGoogleApiClient), RC_GET_TOKEN);
and on activity result use (similar to the example in the link above),
OptionalPendingResult<GoogleSignInResult> opr = Auth.GoogleSignInApi.silentSignIn(mGoogleApiClient);
if (opr.isDone()) {
// If the user's cached credentials are valid, the OptionalPendingResult will be "done"
// and the GoogleSignInResult will be available instantly.
Log.d(TAG, "Got cached sign-in");
handleSignInResult(opr.get());
} else {
// If the user has not previously signed in on this device or the sign-in has expired,
// this asynchronous branch will attempt to sign in the user silently. Cross-device
// single sign-on will occur in this branch.
showProgress();
opr.setResultCallback(new ResultCallback<GoogleSignInResult>() {
@Override
public void onResult(GoogleSignInResult googleSignInResult) {
hideProgress();
handleSignInResult(googleSignInResult);
}
});
}
but now it seems that in handleSingInResult(GoogleSignInResult result)
I can only get an id token
back with
result.getSignInAccount().getIdToken();
Does anyone know if it is possible to get an access token from this (like previously) and if so how? Any help appreciated.
After signing in you'll be able to get the token:
final String token = GoogleAuthUtil.getToken(mAppContext, mAccountName, AUTH_TOKEN_TYPE);
dont forget to do it an Asynctask. for more detail have a look at here
EDIT:
Note that, despite the method name:
GoogleAuthUtil.getToken()
it does not give you an OAuth Token, it rather returns a "short-lived authorization code" according to the documentation.
What I should do after getting the Authorization Code by calling the GoogleAuthUtil.getToken() ?
You should transmit the Authorization Code to your backend server over HTTPS. Only from your server you should attempt to receive Access and/or Refresh token, not in your app.