You are currently viewing Google login | How to migrate to google identity services in 2022?

Google login | How to migrate to google identity services in 2022?

In this article, we will see for google login, how to migrate to google identity services API.

Nowadays, most users try to sign-up and sign in using social means. The reason is – it is hard for users to remember the password when they do signup using the email and password forms.

With so many platforms and subscriptions, it is obvious that users tend to use social signup like Facebook login, Google login, apple login, etc.

If you’re using google login, you must have gotten this mail from google –

Beginning April 30th, 2022 new web applications must use the Google Identity Services library, existing web apps may continue using the Platform Library until the March 31, 2023 deprecation date.

So, after March 31, 2023, the Platform Library won’t work and users will not be able to log in. This article list the steps on how to migrate to make google login work like before.

Table of Contents

How does google login work?

When the user clicks the google button, google prompts an account chooser popup.

When the user chooses one of the Gmail id accounts, Google returns the access_token which is available in the callback function.

This access_token is passed to the backend API through a REST API call.

The backend API then calls the Google APIs with the access_token as param to access the user’s profile and sign in or sign up to our system. 

Current Scenario

To obtain a per-user access token to call Google APIs, Google offers multiple JavaScript libraries:

  1. Google Sign-In Platform Library
  2. Google API Client Library for JavaScript

Now, Google has –

  • replace the deprecated Platform Library with the Identity Services library, and
  • removed the deprecated gapi.auth2 module, its methods, and objects, replacing them with Identity Services equivalents.

Google User Authorization Model for google login

There are the following ways through which we can obtain the user profile after the user select the email id in the account chooser prompt – 

  1. Code Model
  2. Token Model
  3. GIS credential

Code Model

  • The client clicks the google button and Google sends the unique authorization code
  • The client passes the authorization code to the service api
  • After validation, the service API sends this code to google api to exchange it for per-user access and refresh tokens
  • With access_token, service api fetches the user profile and creates the account or login

Code illustrationhttps://developers.google.com/identity/oauth2/web/guides/migration-to-gis#gis-popup-ux

Token Model

  • The client clicks the google button after the user gave consent through the prompt.
  • Google then returns a TokenResponse containing an access token and a list of scopes the user has granted access to, or an error, to your callback handler.
  • The client passes the access_token to service api
  • With access_token, service api fetches the user profile and creates the account or login

Code Illustration – https://developers.google.com/identity/oauth2/web/guides/migration-to-gis#gis-only

GIS Credential

  • The client clicks the google button after the user gave consent through the prompt.
  • Google then returns a CredentialResponse object which contains a credential field which is the ID token as a base64-encoded JSON Web Token (JWT) string.
  • The client passes the CredentialResponse object to service api
  • Service decodes the JWT token which has the user profile and creates the account or login

Code Illustration – https://developers.google.com/identity/gsi/web/guides/handle-credential-responses-js-functions

Note:-

If you were using the Platform.js library and if you want the minimal code changes in the migration you should check the Token modal as it also returns the access_token like the Platform.js library does.

Steps to integrate the google identity service

  1. Load the Google 3P Authorization JavaScript Library i.e Identity Services library
    <script src=”https://accounts.google.com/gsi/client” async defer></script>
  2. Choose a user authorization model to get the access_token/unique authorization code/JWT token
  3. Exchange the code retrieved at step 2 to backend service api to fetch the user profile and make the user login/signup into the system

Code Implementation for google login

I hope this article helps you in the migration and if you find any difficulty contact us. If you find this article helpful, please share it. 

If you are interested in Data structure problems –

Binary Tree – How to implement using Javascript in 2022?

Please share the articles on –

Facebook
Twitter
LinkedIn
Subscribe

The latest tips and news from the industry straight to your inbox!

Join 30,000+ subscribers for exclusive access to our monthly news and tutorials!