Add Google one tap auth

[rishabhpoddar]

No description provided.

[rishabhpoddar]

Closing in favour of #386

[yvesbuschor]

@rishabhpoddar I see this issue is linking to itself. Is there any other issues or documentation around Google One Tap

[cvetojevichbojan]

Maybe it would be worth up voting the One Tap request in the Node backend sdk? supertokens/supertokens-node#88

I am thinking of trying to implement this via a custom provider.

@rishabhpoddar
Anyhow we do need this, as Google is suggesting using the One Tap Sign instead of the old sign in process that is linked from the supertokens documenation. And it simplifies the UX of signup / signin, while also eliminating the redirection link, we would just pass the Google ID token to the supertokens backend sdk and it can perform the validation and extract the user info.

https://supertokens.com/docs/thirdpartyemailpassword/custom-ui/thirdparty-login
https://developers.google.com/identity/sign-in/android/start-integrating

[rishabhpoddar]

We already have a demo app for this: https://github.com/supertokens/supertokens-auth-react/tree/master/examples/with-thirdparty-google-onetap

[cvetojevichbojan]

Thanks! Not sure how i missed it...

I would then just suggest to update the documentation for the 3rd party login: https://supertokens.com/docs/thirdpartyemailpassword/custom-ui/thirdparty-login

Specifically you should sync the Android and iOS sections for Flow 2: Via OAuth / Access token, currently its a bit confusing, i was under the impression that Google One Tap Sign in is not supported since the Android specific documentation points back to the Flow 1a -> Step 2: Which uses the redirectUri's in the backend api request example.

"redirecURIInfo": {
        "redirectURIOnProviderDashboard": "<YOUR_API_DOMAIN>/auth/callback/apple",
        "redirectURIQueryParams": {
        ...

Accidentally then i clicked on the under Flow two on the iOS tab and then i saw two new steps under Flow 2 :) which show the correct usage of the ID token in the backend api request:

"thirdPartyId": "google",
    "clientType": "...",
    "oAuthTokens": {
        "access_token": "...",
        "id_token": "..."
    },

If i am getting everything right :)

I believe it could be helpful for others as well, as this is an important feature for "Mobile API backends" that are considering using supertokens as an internal auth system and exposing it via their own API for mobile applications (which in turn will have their own custom UI and not relying on SuperTokens SDK in their app code)

Thanks for such great work!

[shashank-soluteLabs]

Maybe it would be worth up voting the One Tap request in the Node backend sdk? supertokens/supertokens-node#88

I am thinking of trying to implement this via a custom provider.

@rishabhpoddar Anyhow we do need this, as Google is suggesting using the One Tap Sign instead of the old sign in process that is linked from the supertokens documenation. And it simplifies the UX of signup / signin, while also eliminating the redirection link, we would just pass the Google ID token to the supertokens backend sdk and it can perform the validation and extract the user info.

https://supertokens.com/docs/thirdpartyemailpassword/custom-ui/thirdparty-login https://developers.google.com/identity/sign-in/android/start-integrating

@cvetojevichbojan can you please let me, how had you implemented it?

[cvetojevichbojan]

Hi @shashank-soluteLabs i used the implementation example provided by rishabhpoddar, but what it boils down to is just sending the one-tap-token to the backend sdk in a similar fashion as in the documentation.

Here is the example for google:

After receiving the "token" from google sdk, you would send it to your supertokens backend sdk for signup (for ex. localhost:10000/auth/signinup) in the following format:

{
    "thirdPartyId": "google",
    "oAuthTokens": {
        "id_token": "token_received_from_google_sdk"
    }
}