flutter google_sign_in auth without launching the browser

0
votes

I want to use the Flutter google-sign-in (https://pub.dev/packages/google_sign_in) package without firebase. I have successfully implemented it with the following code: 

  GoogleSignIn _googleSignIn = GoogleSignIn(
    scopes: [
      'email',
      'https://www.googleapis.com/auth/contacts.readonly',
    ],
  );

  Future<void> _handleSignIn() async {
    try {
      await _googleSignIn.signIn();
    } catch (error) {
      print(error);
    }
  }

//...
     child: FlatButton(
        onPressed: () => _handleSignIn(),
//...

However, this launches oauth in browser. How can i stop the browser to launch, and instead show that nice dialog that opens for oauth?

I've seen examples of the google-sign-in flutter package working in conjunction with firebase auth to have in-app authentication. But is this possible to do without firebase auth?

I've also read from here (How is OAuth 2 different from OAuth 1?) that oauth 2.0 is what i need to use for in-app authentication. Does that mean I can't use the google-sign-in package? It seems like this package only uses oauth1. Is this correct?

I've also seen this oauth2.0 flutter package (https://pub.dev/packages/oauth2). Is it possible to use this in conjunction with google-sign-in to get in-app authentication working, instead of launching the browser?

I'm a little confused about how everything relates to each other, any help is appreciated. Thanks!

2
flutteroauthoauth-2.0google-oauth
Which device are you running your app on?mdexp
iphone simulatorwei

2 Answers

0
votes

OAuth 1.0 is deprecated and should not be used.

OAuth 2.0 requires the "user" provide Authorization to delegate permissions to your application. OAuth 2.0 was designed to prevent credential (password) sharing and Google, as the Authorization server in your case, WILL not allow you to present a dialog that could potentially allow you access to a User's credentials.

You should present more details as to your specific use-case.

You might be able to use something like the OAuth 2.0 Device Authorization Grant

You can, using code, setup a socket to listen for the Authorization Server's Response to obtain the Access (and perhaps Refresh) Token.

0
votes

I realized that the reason that this is happening is because I'm on an iphone Simulator.