Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GIDSignIn.sharedInstance.signIn(...) is requesting more scopes than it should on version 7.1.0 #407

Open
fabio914 opened this issue May 3, 2024 · 4 comments
Open

GIDSignIn.sharedInstance.signIn(...) is requesting more scopes than it should on version 7.1.0 #407

fabio914 opened this issue May 3, 2024 · 4 comments
Labels
enhancement New feature or request

Comments

@fabio914
Copy link

fabio914 commented May 3, 2024

Describe the bug
I was updating Google Sign-In in our app from version 6.0.2 to version 7.1.0 and I noticed that even though we're not requesting any additional scopes, GIDSignIn.sharedInstance.signIn(...) is presenting a page after login asking the user to give additional permissions before completing the Sign-In flow.

This wasn't happening previously when we were using version 6.0.2.

To Reproduce
Steps to reproduce the behavior:

  1. Use this call to initiate the Sign-In flow:
GIDSignIn.sharedInstance.signOut()
GIDSignIn.sharedInstance.configuration = GIDConfiguration(clientID: "...our client ID")

GIDSignIn.sharedInstance.signIn(
    withPresenting: presentingViewController,
    completion: { [weak self] result, error in
        // ... complete login
    }
}
  1. Run the app on the simulator or a device.
  2. Initiate the Sign-in flow.

Expected behavior
No additional scopes should be requested after completing Sign-In with Google.

Screenshots

Version 7.1.0
Screenshot 2024-05-03 at 11 51 05

Environment

  • Device: Tested on the iPhone 15 Simulator (iOS 17.0) and an iPhone 11 Pro (iOS 17.4.1)
  • OS: iOS 17
@fabio914 fabio914 added bug Something isn't working triage Issues that need to be triaged labels May 3, 2024
@fabio914
Copy link
Author

fabio914 commented May 3, 2024

I wonder if this is related to this extra parameter: include_granted_scopes=true #70

@fabio914
Copy link
Author

fabio914 commented May 3, 2024

I managed to rebuild the framework without include_granted_scopes=true and confirm that this change in behaviour is because of that flag. Would it be ok to make that configurable?

This isn't how our Sign-in with Google flow behaves on the web and our Android app, we'd prefer to keep that consistent and only request the email and profile scopes.

@mdmathias
Copy link
Collaborator

Hey @fabio914. Thanks for the issue. It's been this way for quite some time - this commit 1f87abd was included in GSI 6.1.0, released in December 2021.

We will take this as a feature request and will consider it for the future.

@mdmathias mdmathias added enhancement New feature or request and removed bug Something isn't working triage Issues that need to be triaged labels May 10, 2024
@jcolicchio
Copy link

We ran into the same issue. There is no way for us to temporarily add scopes for a one-off operation, without having to ask the user to reconfirm those scopes every time they log in. Please allow for the option not to request all previously granted scopes as we may not need them at login

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fabio914 @jcolicchio @mdmathias