Android App Development : Google Sign In/Login

Integrating Google Sign-In into Your Android App

  1. Try Android Sample Project
  2. Configure a Google API Console project and set up your Android Studio project
  3. Integrating Google Sign-In into Your Android App
  4. Additional Scopes

OAuth2 involves authentication and authorisation

Authentication and Authorization frontend and backend workflow

OAuth2 workflow


Android Sample Projects

Sample project for Google Sign-In

To integrate Google Sign-In into your Android app, configure Google Sign-In and add a button to your app's layout that starts the sign-in flow.

Gradle

In your project's top-level build.gradle file, make sure Google's Maven repository is included:

allprojects {
    repositories {
        google()

        // If you're using a version of Gradle lower than 4.1, you must instead use:
        // maven {
        //     url 'https://maven.google.com'
        // }
    }
}

Then, in your app-level build.gradle file, declare Google Play services as a dependency:

apply plugin: 'com.android.application'
...
dependencies {
    implementation 'com.google.android.gms:play-services-auth:20.4.1'
}

Configure a Google API Console project

To configure a Google API Console project, click the button here, and specify your app's package name when prompted. You will also need to provide the SHA-1 hash of your signing certificate (see SHA-1 with Gradle). See Authenticating Your Client for information.

After the project has been created, you can access it through the console, for example when you need to change the SHA-1 hash because you are developing on a different machine.

Self-signing Your Application

If you're not using Play App Signing, follow the instructions below to use Keytool or Gradle's Signing Report to get your SHA-1.

Open a terminal and run the keytool utility provided with Java to get the SHA-1 fingerprint of the certificate. You should get both the release and debug certificate fingerprints.

To get the release certificate fingerprint:

keytool -list -v \
-alias <your-key-name> -keystore <path-to-production-keystore>

To get the debug certificate fingerprint:

keytool -list -v -alias androiddebugkey -keystore %USERPROFILE%\.android\debug.keystore


Using Gradle's Signing Report

You can also get the SHA-1 of your signing certificate using the Gradle signingReport command:

./gradlew signingReport

The signing report will include the signing information for each of your app's variants:

 ./gradlew signingReport
Starting a Gradle Daemon, 2 stopped Daemons could not be reused, use --status for details
> Task :app:signingReport
Variant: debug
Config: debug
Store: C:\Users\sreek\.android\debug.keystore
Alias: AndroidDebugKey
MD5: A5:88:41:04:8D:06:71:6D:FE:33:76:87:AC:AD:19:23
SHA1: A7:89:E5:05:C8:17:A1:22:EA:90:6E:A6:EA:A3:D4:8B:3A:30:AB:18
SHA-256: 05:A2:2C:35:EE:F2:51:23:72:4D:72:67:A5:6C:8C:58:22:2A:00:D6:DB:F6:45:D5:C1:82:D2:80:A4:69:A8:FE
Valid until: Saturday, 22 February, 2053
----------
Variant: release
Config: null
Store: null
Alias: null
----------
Variant: debugAndroidTest
Config: debug
Store: C:\Users\sreek\.android\debug.keystore
Alias: AndroidDebugKey
MD5: A5:88:41:04:8D:06:71:6D:FE:33:76:87:AC:AD:19:23
SHA1: A7:89:E5:05:C8:17:A1:22:EA:90:6E:A6:EA:A3:D4:8B:3A:30:AB:18
SHA-256: 05:A2:2C:35:EE:F2:51:23:72:4D:72:67:A5:6C:8C:58:22:2A:00:D6:DB:F6:45:D5:C1:82:D2:80:A4:69:A8:FE
Valid until: Saturday, 22 February, 2044
----------
BUILD SUCCESSFUL in 23s
1 actionable task: 1 executed

Use the SHA1 value listed under Variant: release.
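A check to run on the signing report before registering a fingerprint, as an added example (not code from the original page): it parses signingReport output and returns the SHA1 for a variant, refusing when the variant has no signing config (Config: null, as for release in the report above) or when a non-debug variant is signed with the debug key. The class and method names are hypothetical, and the sample report is constructed with a placeholder fingerprint.

```java
import java.util.*;

public class SigningReportCheck {
    // Constructed sample shaped like `./gradlew signingReport` output;
    // the fingerprint is a placeholder, not a real certificate hash.
    static final String SAMPLE = String.join("\n",
        "> Task :app:signingReport",
        "Variant: debug", "Config: debug", "Alias: AndroidDebugKey",
        "SHA1: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33",
        "----------",
        "Variant: release", "Config: null", "Store: null", "Alias: null",
        "----------");

    // Variant name -> its "Key: value" fields, in report order.
    static Map<String, Map<String, String>> parse(String report) {
        Map<String, Map<String, String>> variants = new LinkedHashMap<>();
        Map<String, String> current = null;
        for (String line : report.split("\\R")) {
            String[] kv = line.trim().split(":\\s*", 2);
            if (kv.length < 2) continue;          // separators, build status lines
            if (kv[0].equals("Variant")) {
                current = new LinkedHashMap<>();
                variants.put(kv[1], current);
            } else if (current != null) {         // ignore lines before the first variant
                current.put(kv[0], kv[1]);
            }
        }
        return variants;
    }

    // Returns the SHA1 to register for a variant, or explains why there is none.
    static String sha1For(String report, String variant) {
        Map<String, String> v = parse(report).get(variant);
        if (v == null) throw new IllegalStateException("no such variant: " + variant);
        if ("null".equals(v.get("Config")) || !v.containsKey("SHA1"))
            throw new IllegalStateException(variant + " has no signing config, so no SHA1");
        if (!variant.startsWith("debug") && "AndroidDebugKey".equalsIgnoreCase(v.get("Alias")))
            throw new IllegalStateException(variant + " is signed with the debug key");
        return v.get("SHA1");
    }

    public static void main(String[] args) {
        System.out.println("debug   -> " + sha1For(SAMPLE, "debug"));
        try {
            sha1For(SAMPLE, "release");
        } catch (IllegalStateException e) {
            System.out.println("release -> " + e.getMessage());
        }
    }
}
```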

This can also be done with the Android Studio GUI (reference).

Note: The Refresh button is no longer in the Gradle window. Solution

Get your backend server's OAuth 2.0 client ID

If your app authenticates with a backend server or accesses Google APIs from your backend server, you must get the OAuth 2.0 client ID that was created for your server. To find the OAuth 2.0 client ID:

  1. Open the Credentials page in the API Console.
  2. The Web application type client ID is your backend server's OAuth 2.0 client ID.

Pass this client ID to the requestIdToken or requestServerAuthCode method when you create the GoogleSignInOptions object.

Summarizing Basic steps

  1. Configure a Google API project here
    1. Specify the package name, e.g. com.google.samples.quickstart.signin
    2. Provide the SHA-1 hash of your signing certificate (find it as mentioned above)
    3. For communication with the server side (e.g. IdTokenActivity and ServerAuthCodeActivity), you need the OAuth 2.0 web client ID. The client ID represents your app's backend server. Get it from here
    4. Your web server client ID is displayed next to Web client (Auto-created for Google Sign-in)
  2. Set up build.gradle at both the project level and the module level, as mentioned above
  3. Add the Google Sign-In button to the layout
    <com.google.android.gms.common.SignInButton
        android:id="@+id/sign_in_button"
        android:layout_width="wrap_content"
        android:layout_height="wrap_content"
        android:layout_marginStart="8dp"
        android:layout_marginTop="8dp"
        android:layout_marginEnd="8dp"
        android:layout_marginBottom="8dp"
        app:layout_constraintBottom_toBottomOf="parent"
        app:layout_constraintEnd_toEndOf="parent"
        app:layout_constraintHorizontal_bias="0.555"
        app:layout_constraintStart_toStartOf="parent"
        app:layout_constraintTop_toTopOf="parent"
        app:layout_constraintVertical_bias="0.318" />
  4. Use the OAuthActivity class as a reference. To get an idea of how it works, check the official doc

Errors

  1. GoogleSignInStatusCodes
    Most common: signInResult:failed code=12501, solution
  2. ApiException CommonStatusCodes
    Most common: signInResult:failed code=10, solution
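
The sign-in flow summarized above, with the two error codes from the Errors list handled explicitly, as an added example (not the page's OAuthActivity or the sample project's code). It assumes a layout R.layout.activity_sign_in containing the SignInButton, a string resource R.string.server_client_id holding the Web client ID, and a hypothetical onIdToken hook that sends the token to your backend.

```java
import android.content.Intent;
import android.os.Bundle;
import android.util.Log;
import androidx.appcompat.app.AppCompatActivity;
import com.google.android.gms.auth.api.signin.*;
import com.google.android.gms.common.api.ApiException;
import com.google.android.gms.common.api.CommonStatusCodes;
import com.google.android.gms.tasks.Task;

// Hypothetical activity; layout and string resource names are assumptions.
public abstract class SignInActivity extends AppCompatActivity {
    private static final int RC_SIGN_IN = 9001;   // arbitrary request code
    private static final String TAG = "SignInActivity";
    private GoogleSignInClient client;
    /** Hypothetical hook: send the token to the backend over HTTPS, do not log it. */
    protected abstract void onIdToken(String idToken);

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_sign_in);
        GoogleSignInOptions gso =
            new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
                // Web application client ID (the backend's), not the Android one
                .requestIdToken(getString(R.string.server_client_id))
                .requestEmail()
                .build();
        client = GoogleSignIn.getClient(this, gso);
        findViewById(R.id.sign_in_button).setOnClickListener(
            v -> startActivityForResult(client.getSignInIntent(), RC_SIGN_IN));
    }

    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);
        if (requestCode != RC_SIGN_IN) return;
        Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
        try {
            onIdToken(task.getResult(ApiException.class).getIdToken());
        } catch (ApiException e) {
            int code = e.getStatusCode();
            if (code == GoogleSignInStatusCodes.SIGN_IN_CANCELLED) {   // 12501
                Log.i(TAG, "sign-in cancelled");
            } else if (code == CommonStatusCodes.DEVELOPER_ERROR) {    // 10
                Log.e(TAG, "misconfigured: check package name, SHA-1, client ID");
            } else {
                Log.w(TAG, "signInResult:failed code=" + code);
            }
        }
    }
}
```

The backend should verify the ID token it receives, including that its audience is the same Web client ID, before trusting the user identity in it.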

New !!! One Tap sign-in/sign-up

Note: Google Sign-In for Android is based on an older, legacy library that lacks many new features now available in the new library as described in Google Identity Services One Tap sign-in/sign-up.
https://www.youtube.com/watch?v=KFGthqwDmc0&t=96s

Refer to Android Class for Google Login for more details.