How to link Google + signed in users on Parse backend on Android?

Question

I've been using Parse for 3 months in my android app. Now I want to add email login and social sign ons (Facebook and Google+) in the app. I have successfully added email and fb login and the user can connect both or either one of email or facebook and the app would recognise the user.

e.g. If I login through email, then connect facebook, use the app on another device, login via facebook, the app would know it's the same user and would be customised for me and would show my data. And email also works.

I have added Google+ sign-in for Android but I am not able to connect the user's Google+ credentials with the logged in user.

Parse Users table has an authData field which gets the facebook auth data and would get Twitter as well as both of these sign ons are baked into Parse SDKs.

What should be the best thing to do for Google+? I'm confused about the db design as well as how to connect the user who signed in with Google+?

What if the user just logs in via Google+? How do I make a Parse User and authenticate the user on Parse?

I'm comfortable with cloud code and Android and would really appreciate some sort of help/instructions just pushing me in the correct direction. I have never used OAuth2 and with Parse login for email and Social Sign ons, I don't think I should get into it. But let me know if I'm wrong.

Thanks!

Update: I have read a lot of questions on Parse Questions and have checked out the become method plenty of times (because I kept thinking I'm missing something after reading that). Check this question - I'm currently in the same situation.

I have:
1. Implemented Google+ sign in.
2. Got access token using GoogltAuthUtil.

Stuck with:
3. How to link currently signed in Parse user after the user signs in with Google+?
4. How to create a new Parse User if Google+ was the user's first (and only ) login choice?

Answer 1

This seems to be similar with How to create a parse _User account from a Android Google token?

Following is my answer in that thread:

---

1. New User

The flow is as below:

1. User authorizes and a token is acquired
2. We create a new user with a random password

You can create a ParseUser using following code inside the newChooseAccountIntent() method that return email.

ParseUser user = new ParseUser(); user.setUsername(mEmail); user.setPassword(randomPassword); user.setEmail(mEmail); user.signUpInBackground(new SignUpCallback() {   public void done(ParseException e) {     if (e == null) {       // Hooray! Let them use the app now.     } else {       // Sign up didn't succeed. Look at the ParseException       // to figure out what went wrong     }   } }); 

2. Returning User

This is the where most of people stuck, as I researched over the Internet. The flow is as below:

1. User authorizes and the app gets a token
2. We pass this token to Cloud Code to validate. We need to check if this token is signed by Google and if it is meant for us (android-developers (2013)).
3. After you can verify that the token is valid, you can query for the user in Cloud Code using Parse.Cloud.useMasterKey() method and return the session key by using getSessionToken() method on the query result.
4. Use the session key to save login state on disk by calling becomeInBackground method

To validate the token, you can send Parse.Cloud.httprequest to this endpoint: https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=. This is instructed in Google Identity Documentation. You will receive data as below:

{  "iss": "https://accounts.google.com",  "sub": "110169484474386276334",  "azp": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",  "email": "[email protected]",  "at_hash": "X_B3Z3Fi4udZ2mf75RWo3w",  "email_verified": "true",  "aud": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",  "iat": "1433978353",  "exp": "1433981953" } 

Things need to compare are "aud", "azp" and "email" which are translated as audience, authorized party and email.

To query for the current user on Cloud Code:

var query = new Parse.Query(Parse.User); query.equalTo("email",mEmail); query.first({   success: function(user) {     // Use user..getSessionToken() to get a session token   },   error: function(user, error) {     //   },   useMasterKey: true }); 

Note: Make sure you have following scope so that the email will show up when you check on Cloud Code: https://www.googleapis.com/auth/plus.profile.emails.read