Google login get access token with new GoogleSignInOptions

Question

My android app currently uses the GoogleAuthUtil to signin users and fetch an access_token which is passed to the backend (code snippets below which show creating the GoogleApiClient and using GoogleAuthUtil to get the token).

mGoogleApiClient = new GoogleApiClient.Builder(this)
        .addConnectionCallbacks(this)
        .addOnConnectionFailedListener(this)
        .addApi(Plus.API)
        .addScope(new Scope("profile"))
        .build();
...
...

String accessToken = GoogleAuthUtil.getToken(GoogleLoginActivity.this,
                            Plus.AccountApi.getAccountName(mGoogleApiClient),
                            "oauth2:profile email");

which I then sent to the backend

I am now trying to move to the new Google SignIn - https://developers.google.com/identity/sign-in/android/sign-in

and so changed the GoogleApiClient creation like,

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
        .requestEmail()
        .requestIdToken("<web client id>")
        .build();
mGoogleApiClient = new GoogleApiClient.Builder(this)
        .enableAutoManage(this, this)
        .addApi(Auth.GOOGLE_SIGN_IN_API, gso)
        .build();

and then to do the login use,

startActivityForResult(Auth.GoogleSignInApi.getSignInIntent(mGoogleApiClient), RC_GET_TOKEN);

and on activity result use (similar to the example in the link above),

OptionalPendingResult<GoogleSignInResult> opr = Auth.GoogleSignInApi.silentSignIn(mGoogleApiClient);
if (opr.isDone()) {
    // If the user's cached credentials are valid, the OptionalPendingResult will be "done"
    // and the GoogleSignInResult will be available instantly.
    Log.d(TAG, "Got cached sign-in");
    handleSignInResult(opr.get());
} else {
    // If the user has not previously signed in on this device or the sign-in has expired,
    // this asynchronous branch will attempt to sign in the user silently.  Cross-device
    // single sign-on will occur in this branch.
    showProgress();
    opr.setResultCallback(new ResultCallback<GoogleSignInResult>() {
        @Override
        public void onResult(GoogleSignInResult googleSignInResult) {
            hideProgress();
            handleSignInResult(googleSignInResult);
        }
    });
}

but now it seems that in handleSingInResult(GoogleSignInResult result) I can only get an id token back with result.getSignInAccount().getIdToken();

Does anyone know if it is possible to get an access token from this (like previously) and if so how? Any help appreciated.

Answer 1

After signing in you'll be able to get the token:

final String token = GoogleAuthUtil.getToken(mAppContext, mAccountName, AUTH_TOKEN_TYPE);

dont forget to do it an Asynctask. for more detail have a look at here

EDIT:

Note that, despite the method name:

GoogleAuthUtil.getToken()

it does not give you an OAuth Token, it rather returns a "short-lived authorization code" according to the documentation.

What I should do after getting the Authorization Code by calling the GoogleAuthUtil.getToken() ?

You should transmit the Authorization Code to your backend server over HTTPS. Only from your server you should attempt to receive Access and/or Refresh token, not in your app.

Answer 2

So i was having the same problem. they have changed it now so the token comes through in

GoogleSignInAccount acct = result.getSignInAccount();
Log.d(TAG, "handleSignInResult2: "+acct.getIdToken());

To get access too this token you have too ask for it in

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestEmail().requestProfile().requestId().requestIdToken(getString(R.string.server_client_ID))
                    .build();

The R.string.server_client_ID is the client ID from the project that you make in your Google developer Console.

I hope this helps you.

here is also the documentation i followed. https://developers.google.com/identity/sign-in/android/backend-auth