Overview
This class signs the user in with Google.
It provides single sign-on via the Google+ app (if installed), Chrome for iOS (if installed), or Mobile Safari.
For reference, please see "Google+ Sign-In for iOS" at https://developers.google.com/+/mobile/ios/sign-in . Here is sample code to use GPPSignIn
:
- Get a reference to the
GPPSignIn
shared instance: GPPSignIn *signIn = [GPPSignIn sharedInstance]; - Set the OAuth 2.0 scopes you want to request: [signIn setScopes:[NSArray arrayWithObject: "https://www.googleapis.com/auth/plus.login"]];
- Call
[signIn setDelegate:self];
- Set up delegate method
finishedWithAuth:error:
. - Call
handleURL
on the shared instance fromapplication:openUrl:...
in your app delegate. - Call [signIn authenticate];
Public Member Functions | |
(BOOL) | - hasAuthInKeychain |
Checks whether the user has either currently signed in or has previous authentication saved in keychain. | |
(BOOL) | - trySilentAuthentication |
Attempts to authenticate silently without user interaction. | |
(void) | - authenticate |
Starts the authentication process. | |
(BOOL) | - handleURL:sourceApplication:annotation: |
This method should be called from your UIApplicationDelegate 's application:openURL:sourceApplication:annotation . | |
(void) | - signOut |
Removes the OAuth 2.0 token from the keychain. | |
(void) | - disconnect |
Disconnects the user from the app and revokes previous authentication. | |
(GTLServicePlus *) | - plusService |
Gets a service object authenticated as the current user. | |
Static Public Member Functions | |
(GPPSignIn *) | + sharedInstance |
Returns a shared GPPSignIn instance. | |
Properties | |
GTMOAuth2Authentication * | authentication |
The authentication object for the current user, or nil if there is currently no logged in user. | |
NSString * | idToken |
A JSON Web Token identifying the user. | |
NSString * | userID |
The Google user ID. | |
NSString * | userEmail |
The Google user's email. | |
GTLPlusPerson * | googlePlusUser |
The Google+ user profile. | |
id< GPPSignInDelegate > | delegate |
The object to be notified when authentication is finished. | |
All properties below are optional parameters. | |
NSString * | clientID |
The client ID of the app from the Google APIs console. Must set for sign-in to work. | |
NSString * | homeServerClientID |
The client ID of the home web server. | |
NSString * | homeServerAuthorizationCode |
An OAuth2 authorization code for the home server. | |
NSString * | openIDRealm |
The OpenID2 realm of the home web server. | |
NSArray * | scopes |
The API scopes requested by the app in an array of NSString s. | |
BOOL | attemptSSO |
Whether or not to attempt Single-Sign-On when signing in. | |
NSString * | language |
The language for sign-in, in the form of ISO 639-1 language code optionally followed by a dash and ISO 3166-1 alpha-2 region code, such as @"it" or @"pt-PT" . | |
NSString * | keychainName |
Name of the keychain to save the sign-in state. | |
NSArray * | actions |
An NSString array of moment types used by your app. | |
BOOL | shouldFetchGoogleUserEmail |
Whether or not to fetch user email after signing in. | |
BOOL | shouldFetchGoogleUserID |
Whether or not to fetch user ID after signing in. | |
BOOL | shouldFetchGooglePlusUser |
Whether or not to fetch Google+ user profile after signing in. | |
BOOL | useClientIDForURLScheme |
Whether or not the SDK will use the reversed client ID instead of the app's bundle ID as the URL scheme, NO by default. |
Member Function Documentation
+ (GPPSignIn *) sharedInstance |
Returns a shared GPPSignIn
instance.
- (BOOL) hasAuthInKeychain |
Checks whether the user has either currently signed in or has previous authentication saved in keychain.
- (BOOL) trySilentAuthentication |
Attempts to authenticate silently without user interaction.
Returns YES
and calls the delegate if the user has either currently signed in or has previous authentication saved in keychain. Note that if the previous authentication was revoked by the user, this method still returns YES
but finishedWithAuth:error:
callback will indicate that authentication has failed.
- (void) authenticate |
Starts the authentication process.
Set attemptSSO
to try single sign-on. If attemptSSO
is true, try to authenticate with the Google+ app, if installed. If false, always use Google+ via Chrome or Mobile Safari for authentication. The delegate will be called at the end of this process. Note that this method should not be called when the app is starting up, (e.g in application:didFinishLaunchingWithOptions:). Instead use the trySilentAuthentication
method.
- (BOOL) handleURL: | (NSURL *) | url | |
sourceApplication: | (NSString *) | sourceApplication | |
annotation: | (id) | annotation | |
This method should be called from your UIApplicationDelegate
's application:openURL:sourceApplication:annotation
.
Returns YES
if GPPSignIn
handled this URL. Also see handleURL:sourceApplication:annotation:
in GPPURLHandler
.
- (void) signOut |
Removes the OAuth 2.0 token from the keychain.
- (void) disconnect |
Disconnects the user from the app and revokes previous authentication.
If the operation succeeds, the OAuth 2.0 token is also removed from keychain. The token is needed to disconnect so do not call signOut
if disconnect
is to be called.
- (GTLServicePlus *) plusService |
Gets a service object authenticated as the current user.
The service object can execute queries, for example, to get list of people that is visible to this app. The user must be signed in for this method to work.
Property Documentation
- (GTMOAuth2Authentication*) authentication [read, assign] |
The authentication object for the current user, or nil
if there is currently no logged in user.
- (NSString*) idToken [read, assign] |
A JSON Web Token identifying the user.
Send this token to your server to authenticate the user on the server. For more information on JWTs, see http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-05
- (NSString*) userID [read, assign] |
The Google user ID.
It is only available if shouldFetchGoogleUserID
is set and either trySilentAuthentication
or authenticate
has been completed successfully.
- (NSString*) userEmail [read, assign] |
The Google user's email.
It is only available if shouldFetchGoogleUserEmail
is set and either trySilentAuthentication
or authenticate
has been completed successfully.
- (GTLPlusPerson*) googlePlusUser [read, assign] |
The Google+ user profile.
It is only available if shouldFetchGooglePlusUser
is set and either trySilentAuthentication
or authenticate
has been completed successfully.
- (id<GPPSignInDelegate>) delegate [read, write, assign] |
The object to be notified when authentication is finished.
All properties below are optional parameters. If they need to be set, set before calling authenticate
.
- (NSString*) clientID [read, write, copy] |
The client ID of the app from the Google Developers console. Must set for sign-in to work.
- (NSString*) homeServerClientID [read, write, copy] |
The client ID of the home web server.
This will be returned as the audience
property of the JWT ID token. For more info on the ID token: https://developers.google.com/accounts/docs/OAuth2Login#obtainuserinfo
- (NSString*) homeServerAuthorizationCode [read, nonatomic] |
An OAuth2 authorization code for the home server.