4

I'm trying to implement "cross device sign-on" using Google Plus in my Android app.

How to implement this is not very well documented, and the best documentation I have found is this video, and these sample apps in github.

Given the code of the sample Android app, and what the Google developers say in the video, I understand that the following would happen:

  1. I install and start the app in device A. This device has only one Google account, which never logged in to the app.

  2. onCreate() will call PlusClient#connect(). As the user never signed-in in the another device, we will get a onConnectionFailed().

  3. If the user clicks in the sign-in button, the we will execute mLastConnectionResult.startResolutionForResult(), which will execute a PendingIntent that will ask for permission to the user.

  4. Now that we the user has granted permissions, a new call to PlusClient#connect() will result in onConnected().

  5. Now, in we install the app in device B. This device has only one Google account, the same as device B.

  6. In onCreate() we will launch PlusClient#connect()

  7. As the same Google account previously granted the same set of permissions/scope in another device, onConnected() will be called.

In the previous sequence, the point 7 does not happen. The immediate connection won't never happen. It is true that if I do mLastConnectionResult.startResolutionForResult() it will connect without asking the same permissions again, but the connection triggered from onCreate will result in an onConnectionFailed() if the app has been just installed.

I'm not sure if i'm getting it wrong and it just is not meant to work like that (but that is what I understood from the video), or it is just not working as expected.

Any help will be much appreciated.

Thank you.

NOTES: - the app is properly set up in google play developers console - I'm requesting exactly the same scope in the two different clients, as it is actually the same app - both devices has only one Google account. - I'm running this experiment using the sample app in github

GaRRaPeTa
  • 5,459
  • 4
  • 37
  • 61

3 Answers3

4

I've struggled with this too, and turns out that cross-platform SSO is checked only for the very first time your app is opened (first run after install). Clearing the cache and data for Google Play Services worked for me.

Ran Dahan
  • 415
  • 1
  • 3
  • 10
  • Thanks!!! you are absolutely right. I guess something is cached in Google Play Services that prevents the play services library to HTTP Google server. This scenario is very likely to get reproduced when developing and using the same device several times. – GaRRaPeTa Apr 23 '14 at 10:56
0

I'm not sure what's going on here. If you tap the sign-in button, are you prompted to re-consent, or do you get signed in automatically? (For diagnostic purposes; you shouldn't need to do this.)

Cross-device SSO should work from Android to web and vice-versa, as well as Android to Android. If there's more than one account on the device, you can't avoid the account picker, but that doesn't appear to be the case here.

I've tested this just now with the sample app at https://github.com/googleplus/gplus-quickstart-android and it seems to be working fine. I'd also make sure everything works with the https://www.googleapis.com/auth/plus.login scope before experimenting with anything else.

mjs
  • 63,493
  • 27
  • 91
  • 122
  • Hi, thanks for your time and your help. I have tried with the quickstart sample app and got the same results that with the Photohunt app at https://github.com/googleplus/gplus-photohunt-client-android and my custom app. Note that PhotoHunt uses the old PlusClient, while the QuickStart app uses the newer GoogleApiClient. I have followed the quickstart documentation step by step, I am only requesting Plus.SCOPE_PLUS_LOGIN (no changes in the code) and I have only one account in a Nexus7 device. – GaRRaPeTa Apr 14 '14 at 17:15
  • Once the user consents, if the login button is pressed it WON'T prompt to reconsent: the state is correctly stored and retrieved in Google's servers, and the user won't need to give twice the same set of permission. But, if I install the app in another device with the same account, the first time I call connect(), it will always end in an onConnectionFailed(). – GaRRaPeTa Apr 14 '14 at 17:15
0

To clarify even further, here is the reply I got from Google on the issue:

Cross-device single sign-on (CDSSO) is only run once per app per device, as you said. It's an expensive operation (iterating through all accounts on the device) and it usually won't yield any new result after the first run.

You have a few options to give your users a seamless sign-in experience after an uninstall/reinstall:

  • Use Smartlock for Passwords, which was built for this sort of thing. You can store the user's identifier in Smartlock and then have a no-touch sign in experience even when the user gets a brand new device.
  • Store the user's google account somewhere and then call setAccount() on the GoogleSignInOptions. This will make silent sign-in work if the user has signed in with that account before.
Community
  • 1
  • 1
virusman
  • 76
  • 1
  • 4