omniauth-google-oauth2 icon indicating copy to clipboard operation
omniauth-google-oauth2 copied to clipboard

Published 20 hours ago verified publisher icon zquestz

Google Sign-In Library deprecation?

Open smoyte opened this issue 2 years ago • 13 comments

Hi there! Thanks for this great gem! I got an email stating that my app needed to migrate to the new "Google Identity Services SDK" by March 2023.

For more, see the yellow banner here: https://developers.google.com/identity/sign-in/web/server-side-flow

Does this deprecation impact this gem? For me it's hard to tell since I don't believe this gem uses any JavaScript, and yet I still got the deprecation notice.

smoyte avatar Mar 24 '22 01:03 smoyte

I am wondering about this too? I believe that the only thing that is affected with the new Google Identity changes is the Google Sign-In Javascript library, thus making this omniauth gem unaffected and okay to keep using.

They state below who is affected with the new changes, explained here: [https://developers.googleblog.com/2021/08/gsi-jsweb-deprecation.html].

"The deprecation applies only to web apps using the Google Sign-in JavaScript library . If your web pages currently load the Google Platform Library (apis.google.com/js/platform.js), you are affected and need to migrate to the newer Sign In With Google client library.

Your suite of apps and platforms may also be using multiple methods of authentication and authorization offered by Google. The following are NOT affected by this deprecation announcement:

  • Android or iOS native app SDKs,
  • apps or platforms directly calling Google’s OAuth2 or OpenID services."

I'd love to here more input on this though. Not sure if I am understanding correctly.

kristiansaenz avatar Mar 30 '22 17:03 kristiansaenz

I think the main implication of this for this gem is that the docs need to be updated to include examples of using the new API, which is quite different on the client side and can't be easily figured out based on examples from the deprecated one. If the maintainers are interested, I'm in the process of implementing this right now and would be happy to open a PR to add/update docs on how I've done it to the README once I'm done.

danascheider avatar Aug 29 '22 21:08 danascheider

Please do, @danascheider!

abartov avatar Sep 03 '22 02:09 abartov

I think the main implication of this for this gem is that the docs need to be updated to include examples of using the new API, which is quite different on the client side and can't be easily figured out based on examples from the deprecated one. If the maintainers are interested, I'm in the process of implementing this right now and would be happy to open a PR to add/update docs on how I've done it to the README once I'm done.

I would love to see that done. =)

zquestz avatar Sep 03 '22 05:09 zquestz

Same here. Very interested

kwent avatar Sep 21 '22 19:09 kwent

Thank you folks, I haven’t forgotten about this but have fallen down quite the rabbit hole trying to figure it out as neither OAuth nor identity in general are specialisations of mine. Just an update!

danascheider avatar Sep 21 '22 21:09 danascheider

Not sure if this helps, but current flow with auth_code will not work if a redirect_uri is defined, the only way I made this work was setting the default redirect uri provided by google (postmessage) a value. I tried this with omniauth and also with Signet, and both had the same issue, where invalid redirect uri was returned. So I think is something with Google API rather than the libraries.

javierg avatar Sep 26 '22 18:09 javierg

For the client side this flow works with the updated API

https://developers.google.com/identity/oauth2/web/guides/use-code-model#popup-mode

I'll put up a PR with an example of integrating this into a rails app when I have time

calebkeene avatar Nov 12 '22 17:11 calebkeene

Hello, is there any news on this?

arizz96 avatar Jan 27 '23 16:01 arizz96

Believe it or not, I’m still working on it. I had to take a bit of a detour to learn more about the OAuth 2 protocol and fell down a real rabbit hole. Hopefully I’ll figure it out by March when my login system stops working as Google removes their deprecated API 😬On 28 Jan 2023, at 3:49 am, Alessandro Rizzo @.***> wrote: Hello, is there any news on this?

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: @.***>

danascheider avatar Jan 27 '23 20:01 danascheider

Any news on this? I've been trying to upgrade but I keep getting an error with the token: Could not authenticate you from GoogleOauth2 because "Undefined method 'expired?' for nil:nilclass". from omniauth

abuche-corpiq avatar Mar 08 '23 21:03 abuche-corpiq

While I don't understand the ins and outs of oauth2, while working through the migration, I've gathering that Google has opted for a simpler mechanism for authentication (sign in) as opposed to authorization, and that mechanism looks unrelated to this library.

I found this blog post helpful and it worked for me tying the new Google Sign In for web into a ruby server side mechanism for confirming the auth and then using it in our own session semantics.

Thought I'd mention it here in case it's helpful to others.

randypuro avatar Mar 13 '23 10:03 randypuro

I just took a closer look at the deprecation email I got from Google way back when, and it references a client ID I had been using when messing around with the Google Drive API. It does not mention the client ID I use in production for Google sign-in. Given that, and the fact that the sign-in flow supported by this gem doesn't seem to use any JavaScript, I am feeling pretty confident this deprecation doesn't apply to this gem. Sorry for the false alarm here. Fingers crossed that I am right!!

smoyte avatar Mar 27 '23 02:03 smoyte