Server Side Google API Access from Android

Back in the dark ages I wrote a blog post on using Google Sign In to authorize a server from an Android client, and provided an accompanying gist with an example Activity in it. Recently, someone point out to me that gist was quite out of date, so I updated it to use the latest and greatest Google Sign In APIs on Android, with very pleasant results. The new version is much easier to understand, and only 2/3 the length of the previous one, without losing any functionality. That’s possible because of some of the features the Identity and Google Play Services teams at Google have added to Google Sign In, and to Google Play Services itself. Auto manage Google Play Services is, as the name implies, a separate service on an Android device, and requires a Binder connection. Back when I wrote my first gist this was wrapped in an API specific client ( PlusClient ), and more recently in a generic Google Play Services client ( GoogleApiClient ). Managing this connection took quite a lo

Upgrading Firebase.com & Using Google Sign In on Android

Very quick post on a problem I've seen a few people hit where they are upgrading a Firebase.com project which uses Google Sign In on Android. Just Tell Me What To Do Already 1. Upgrade your Firebase.com project 2. Connect your Android app, but do not  enter a SHA1 3. Go to the old Google Developers/Google Cloud project you were using and copy each client ID used for an Android app (e.g. the debug and release versions at least).  4. In the Auth > Sign In Method > Google panel, enter the client IDs you copied before.  This ensures your existing app keeps working, and sets you up for transitioning to the new SDK.  Why Am I Doing This? There are a couple of things to know:  The specific combination of Android package name and SHA1 is unique across Google. It can only exist in a single Google project, and is associated with a single client ID.  An upgraded Firebase project is a Google project underneath.  This means if you go thro

Google Sign In iOS 1.0.0

The new Google Sign In SDK for iOS is out ! With a new version number, and separated from the old Google+ SDK, the Sign-In SDK should make it easier and faster to implement Google Sign-In in your app. Lets take a look at how to use it from Swift. Unfortunately the library isn't available from Cocoapods yet, so you'll have to drop it in manually. Setup is pretty easy: add in the GoogleSignIn.framework from the zip download and add the system AddressBook and SystemConfiguration frameworks. If you want to use the supplied button, you'll also need to add the GoogleSignIn.bundle from the SDK zip which contains the fonts, images and translations for the standard button - using the Add Files to "project" menu option should automatically set it in the Copy Bundle Resources part of your build step. If your sign in button is invisible when you launch the app, you probably haven't copied the GoogleSignIn.bundle from the SDK zip file. In the Build Settings ph

Understanding Service Accounts

Misconceptions about Google service accounts are at the heart of a number of problems I’ve seen developers having on Stack Overflow and various issue trackers. Hopefully this post will dispel some common misunderstandings, and break down what they are for. What is a service account for? Requests to many APIs need to be authorised to access data or services. In most cases this is done interactively with a user - the site presents a sign-in button, the user grants the site access to a part of their Google account, and the site receives an access token they can pass with their requests. Google checks this token to ensure the query is allowed to access the data it is requesting. However, there are some situations where the user is not actually present - for example a daily batch script which downloads data from a Google Analytics account, or a process which provisions services for a Google Apps user when a new staff member starts at a company. In these cases, a service account is us