calendar Jan 1, 0001  ·  · 2 min read  ·
Share on: bluesky linkedin copy
Content might be outdated

GCP

  • Security ** Identity-Aware Proxy *** Enable

Click the level you want to protect In the right-side info panel, click ADD MEMBER, search the user and select the role Cloud IAP -> IAP-secured Web App User, they will end up under IAP-secured Web App User

Under API & Services, click CREATE CREDENTIALS, select OAuth client ID, Android, add Name, Signing-certificate fingerprint and Package name

In the Android app, in an Activity, add ''' onCreate

// [START configure_signin] // Configure sign-in to request the user's ID, email address, and basic // profile. ID and basic profile are included in DEFAULT_SIGN_IN. GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN) .requestIdToken(getString(R.string.server_client_id)) // IAP-App-Engine-App from API & Services, Credentials, OAuth 2.0 Client IDs .requestEmail() .build(); // [END configure_signin]

    // [START build_client]
    // Build a GoogleSignInClient with the options specified by gso.
    mGoogleSignInClient = GoogleSignIn.getClient(this, gso);
    // [END build_client]
    mGoogleSignInClient.silentSignIn().addOnCompleteListener(this, new OnCompleteListener<GoogleSignInAccount>() {
        @Override
        public void onComplete(@NonNull Task<GoogleSignInAccount> task) {
            handleSignInResult(task);
        }
    });
    
      @Override
protected void onStart() {
    super.onStart();

// GoogleSignInAccount account = GoogleSignIn.getLastSignedInAccount(this); // if (account == null) { Intent signInIntent = mGoogleSignInClient.getSignInIntent(); startActivityForResult(signInIntent, RC_SIGN_IN); // } else { // Log.i(TAG, "Logged in as: " + account.getEmail()); // } }

// [START onActivityResult]
@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
    super.onActivityResult(requestCode, resultCode, data);

    // Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
    if (requestCode == RC_SIGN_IN) {
        // The Task returned from this call is always completed, no need to attach
        // a listener.
        Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
        handleSignInResult(task);
    }
}
// [END onActivityResult]


// [START handleSignInResult]
private void handleSignInResult(Task<GoogleSignInAccount> completedTask) {
    try {
        GoogleSignInAccount account = completedTask.getResult(ApiException.class);

        // Signed in successfully
        Config config = Config.getInstance();
        config.setToken(account.getIdToken());
    } catch (ApiException e) {
        // The ApiException status code indicates the detailed failure reason.
        // Please refer to the GoogleSignInStatusCodes class reference for more information.
        Log.w(TAG, "signInResult:failed code=" + e.getStatusCode());

    }
}
// [END handleSignInResult]

'''

https://developers.google.com/identity/sign-in/android/start-integrating

GoogleSignInStatusCodes - https://developers.google.com/android/reference/com/google/android/gms/auth/api/signin/GoogleSignInStatusCodes.html#getStatusCodeString(int)

CommonStatusCodes - https://developers.google.com/android/reference/com/google/android/gms/common/api/CommonStatusCodes.html