iOS: Google Authentication Code

Question

I am working with authenticating user to use the google account he is associated with. The problem is that everytime the user logs in through my app, the "Allow Access" always appears on the Google's authentication view even I had clicked the Allow Access already from previous test. Is this normal or am I doing my codes wrong? Please help me guys.

I used the following codes for loggin in an out:

- (IBAction)signIn:(id)sender {
    if(!isSignedIn){
        [self signOutFromAll];

        NSString *keychainItemName = nil;

        // save keychain
        keychainItemName = kKeychainItemName;

        NSString *scope = @"https://www.googleapis.com/auth/plus.me";

        NSString *clientID = kClientID;
        NSString *clientSecret = kClientSecret;

        SEL finishedSel = @selector(viewController:finishedWithAuth:error:);

        GTMOAuth2ViewControllerTouch *viewController;
        viewController = [GTMOAuth2ViewControllerTouch controllerWithScope:scope 
                                                                  clientID:clientID 
                                                              clientSecret:clientSecret 
                                                          keychainItemName:keychainItemName 
                                                                  delegate:self 
                                                          finishedSelector:finishedSel];

        [[self navigationController]pushViewController:viewController animated:YES]; 
    } else {
        [self displayAlertWithMessage:@"Currently Signed in."];
    } }

- (IBAction)signOut:(id)sender {
    [self signOutFromAll];
    [self displayAlertWithMessage:@"Signed out."]; }

This is for the delegate:

- (void)viewController:(GTMOAuth2ViewControllerTouch *)viewController 
      finishedWithAuth:(GTMOAuth2Authentication *)auth 
                 error:(NSError *)error{
    if(error != nil){
        // Authentication failed...
        NSLog(@"Authentication error: %@", error);
        NSData *responseData = [[error userInfo] objectForKey:@"data"];
        if([responseData length] > 0)
            NSLog(@"%@", [[[NSString alloc]initWithData:responseData encoding:NSUTF8StringEncoding]autorelease]);
        self.auth = nil;
    } else {
        // Authentication succeeded...
        isSignedIn = YES;
        self.auth = auth;
    }
}

And awakeFromNib:

- (void)awakeFromNib{
    // Fill in the Client ID and Client Secret text fields
    NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];

    // First, we'll try to get the saved Google authentication, if any, from the keychain
    // Normal applications will hardcode in their client ID and client secret,
    // But the sample app allows the user to enter them in a text field, and saves them in the preferences
    NSString *clientID      = [defaults stringForKey:kGoogleClientIDKey];
    NSString *clientSecret  = [defaults stringForKey:kGoogleClientSecretKey];

    GTMOAuth2Authentication *auth;

    auth = [GTMOAuth2ViewControllerTouch authForGoogleFromKeychainForName:kKeychainItemName
                                                                 clientID:clientID
                                                             clientSecret:clientSecret];

    if (auth.canAuthorize) {
        // There is saved google authentication
        // self.serviceSegments.selectedSegmentIndex = 0;
    } 

    // Save the authentication object, which holds the auth tokens
    self.auth = auth;

    [self setAuth:auth];
    isSignedIn = self.auth.canAuthorize;
}

By the way my reference for these codes is on this link: http://code.google.com/p/gtm-oauth2/wiki/Introduction#Using_the_OAuth_2_Controllers

Answer 1

from the docs:

The keychain item name is used to save the token on the user’s keychain, and should identify both your application name and the service name(s). If keychainItemName is nil, the token will not be saved, and the user will have to sign in again the next time the application is run.

http://code.google.com/p/gtm-oauth2/wiki/Introduction

So, from your code, it depends on what kKeychainItemName is set to.

Just thought I'd comment on this as I was reading the docs.

Answer 2

Use this method when you get the oauth object to save into keychain

[GTMOAuth2ViewControllerTouch saveParamsToKeychainForName:YOUR_KEYCHAIN_ITEM_NAME authentication:auth];

and

before making a call to api just check and retrieve the oauth object using this

GTMOAuth2Authentication * auth = [GTMOAuth2ViewControllerTouch
                                      authForGoogleFromKeychainForName:YOUR_KEYCHAIN_ITEM_NAME
                                      clientID:GOOGLE_CLIENT_KEY
                                      clientSecret:GOOGLE_CLIENT_SECRET];

and make sure it's oauth object is authentic with using this

if(![GTMOAuth2ViewControllerTouch authorizeFromKeychainForName:YOUR_KEYCHAIN_ITEM_NAME authentication:auth])