Google is currently transitioning their OAuth sign-in flow to granular permissions.

In their recommended approach for Android applications they write:

If you use auth.api.signin SDK from Play Services to interact with Google OAuth 2.0, you can use requestPermissions function to request the smallest set of scopes needed, and the hasPermissions function to check which scopes the user granted when requesting granular permissions.

However, the mentioned auth.api.signin SDK is deprecated. Replacements are Credential Manager for authentication or Google Identity Services for authorization.

Handling granular permissions with auth.api.signin SDK seemed pretty straightforward, but in auth.api.identity I can't find any replacement for the hasPermissions function.

Is there any other way in auth.api.signin to check which scopes the user granted? Or am I missing something else?

1 Answer

You should be able to check which scopes the user granted from the AuthorizationResult object returned from the public methods of AuthorizationClient. The AuthorizationResult object has a method getGrantedScopes() to see what scopes that user had granted access to.

  • So does that mean I need to remember which scopes were granted by the user on the last authorization request? What if the user switches to another Google account? What if scopes are revoked in Google account settings outside of the app? This approach doesn't seem to cover all these edge cases.
    – ndreisg
    Commented Jun 25 at 16:17
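
The check described in the answer, as an added example that is not part of the original posts: it requests scopes through AuthorizationClient and compares them with getGrantedScopes() on the returned AuthorizationResult. The class name, request code and scope strings are assumptions chosen for illustration.

```java
import android.app.Activity;
import android.content.Intent;
import android.content.IntentSender;
import android.util.Log;
import com.google.android.gms.auth.api.identity.AuthorizationRequest;
import com.google.android.gms.auth.api.identity.AuthorizationResult;
import com.google.android.gms.auth.api.identity.Identity;
import com.google.android.gms.common.api.ApiException;
import com.google.android.gms.common.api.Scope;
import java.util.*;

/** Hypothetical helper (not part of any SDK): reports requested scopes the user did not grant. */
public final class GrantedScopeCheck {
    static final int RC_AUTHORIZE = 1001;             // arbitrary request code (assumption)
    static final List<String> WANTED = Arrays.asList( // example scopes (assumption)
            "https://www.googleapis.com/auth/drive.file",
            "https://www.googleapis.com/auth/calendar.readonly");

    public static void authorize(Activity activity) {
        List<Scope> scopes = new ArrayList<>();
        for (String s : WANTED) scopes.add(new Scope(s));
        AuthorizationRequest request =
                AuthorizationRequest.builder().setRequestedScopes(scopes).build();
        Identity.getAuthorizationClient(activity).authorize(request)
                .addOnSuccessListener(result -> {
                    if (!result.hasResolution()) { handle(result); return; }
                    try { // user consent is required: show Google's consent screen
                        activity.startIntentSenderForResult(
                                result.getPendingIntent().getIntentSender(),
                                RC_AUTHORIZE, null, 0, 0, 0);
                    } catch (IntentSender.SendIntentException e) {
                        Log.e("Scopes", "could not launch consent UI", e);
                    }
                })
                .addOnFailureListener(e -> Log.e("Scopes", "authorize failed", e));
    }

    /** Call from onActivityResult when requestCode == RC_AUTHORIZE. */
    public static void onConsentResult(Activity activity, Intent data) throws ApiException {
        handle(Identity.getAuthorizationClient(activity).getAuthorizationResultFromIntent(data));
    }

    /** Requested scopes that are absent from getGrantedScopes(). */
    static Set<String> missingScopes(AuthorizationResult result) {
        Set<String> missing = new LinkedHashSet<>(WANTED);
        missing.removeAll(result.getGrantedScopes());
        return missing;
    }

    private static void handle(AuthorizationResult result) {
        Set<String> missing = missingScopes(result);
        // Enable only features whose scope was granted; never assume the full set.
        Log.i("Scopes", missing.isEmpty() ? "all scopes granted" : "not granted: " + missing);
    }
}
```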
