问题
I've integrated Google SignIn SDK (v4.0.1) to my iOS app. The normal authentication process is working fine via:
GIDSignIn.sharedInstance().signIn()
The retrieved idToken is valid and includes both email and the user's basic info:
given_name
family_name
picture
- Google provide this URL for reviewing token data: https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=
Problem is, after relaunching the app, I perform silent login on didFinishLaunchingWithOptions like so:
if GIDSignIn.sharedInstance().hasAuthInKeychain() {
GIDSignIn.sharedInstance().signInSilently()
}
The delegate function sign(_ signIn: GIDSignIn!, didSignInFor user: GIDGoogleUser!, withError error: Error!) is being called. And the authentication seem to have completed successfully. However, the idToken retrieved (from user.authentication.idToken) is missing the info of the "profile" scope. Only email field is provided.
Sending this idToken to our backend server results in a valid login but with missing info populated into our db. frustrating.
It feels like GIDSignIn.sharedInstance().signInSilently() does not respect GIDSignIn.sharedInstance().shouldFetchBasicProfile even if set true beforehand.
Attempt to refresh the token at this stage by running user.authentication.refreshTokens:handler produces a new token, again, with missing profile scope.
来源:https://stackoverflow.com/questions/42189966/ios-google-silent-sign-in-provides-a-valid-token-with-missing-profile-info