Forum Xamarin.Forms

Google Auth Error:disallowed_useragent

DhruvGohilDhruvGohil USMember ✭✭✭
edited January 2017 in Xamarin.Forms

I am getting Google Auth Error:disallowed_useragent in iOS when I try to authenticate google login using xamarin.auth.Google Document says Google has changed its Oauth policies, with this it is intended that no native web views initiate Oauth flows.So now, how to authenticate google login using xamarin.auth ?

«1

Answers

  • mintroinimintroini USMember

    Having the same issue over here... did you find any workaround on this matter? Thanks!

  • aunanueaunanue ARMember ✭✭

    @TiSeb you save my day! great info!

  • MasonAMasonA USMember

    Thank you!

  • BalueBalue ILMember ✭✭

    do you have that for android?

  • aunanueaunanue ARMember ✭✭

    @tiseb now I'm getting the same warning on Android, is there any workaround for this platform?

    Cheers

    Ariel

  • PabloBiagioliPabloBiagioli USMember ✭✭
    edited March 2017

    Hi @aunanue ,

    I investigated for a workaround. The only way you could change the User Agent for the OAuth mechanism would be to somehow get a hold on the WebView object that Xamarin.Auth should provide when the new Activity is triggered.

    This would be impossible for the moment, since the WebView provided is private, and not override-able. Maybe you could access to it via Reflection???

    The Android documentation for changing WebView's UserAgent is this one:
    https://developer.android.com/reference/android/webkit/WebSettings.html#setUserAgentString(java.lang.String)

    The Xamarin.Auth class responsible for triggering a new Activity with an embedded Chrome is this one (line 34):
    https://github.com/xamarin/Xamarin.Auth/blob/master/src/Xamarin.Auth.Android/WebAuthenticatorActivity.cs#L34

    I think this is a bug in Xamarin.Auth, since they don't expose the WebView or at least don't provide a proper DSL for changing the WebView's properties.

    Hope this helps you.

    Cheers
    Pablo

  • JUANMREIGOSAJUANMREIGOSA USMember
    edited April 2017

    Xamarin.Auth lastest version (1.4) will handle this I think.

    https://github.com/xamarin/Xamarin.Auth/issues/137#issuecomment-291228266

    I'm still having a little bit of trouble configuring it to work, but hopefully soon with @moljac help I can have this working.

  • moljacmoljac HRBeta ✭✭✭

    @PabloBiagioli
    Why would not exposing WebView be bug? This is the exact reason why google banned embedded web views.
    Not opening WebView was (maybe) design decision based on security concerns.

    According to google (not only) cons of embedded web views vs Native UI (Custom [Chrome] Tabs and SFSafariViewController)

    • embedded WebViews (Android WebView, iOS UIWebView and WKWebView) have big API surface, thus attack surface
    • Native UI is based on regularly updated code (Chrome and Safari)

    So, the proper way is to use Native UI for mobile (installed) apps.

    I have added [Custom] UserAgent API to Xamarin.Auth, but I do not encourage users to use it and it will (most likely) not be documented. I added support to WKWebView recently and it seems to be working, but OS vendors might ban that in the future.

  • DhruvGohilDhruvGohil USMember ✭✭✭
    edited April 2017

    @moljac
    not working after updating xamarin.auth to 1.4.1

    here is my code and I am getting null reference exception

    `var auth = new OAuth2Authenticator(
    clientId: "185391188679-9pa23l08eifrf4nmqccr9jm01udf3oup.apps.googleusercontent.com",
    scope: "https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/plus.login",
    authorizeUrl: new Uri("https://accounts.google.com/o/oauth2/auth"),
    redirectUrl: new Uri("https://www.googleapis.com/plus/v1/people/me"),
    isUsingNativeUI:true);
    auth.AllowCancel = true;
    auth.Completed += LoginComplete;

    var authActivity = new CustomTabsIntent.Builder().Build();
    authActivity.Intent = auth.GetUI(activity) as Intent;
    authActivity.LaunchUrl(activity, Android.Net.Uri.Parse("https://accounts.google.com/o/oauth2/auth"));
    Xamarin.Forms.Forms.Context.StartActivity(authActivity.Intent);`

    Is there any document which tells how to implement this ?

  • moljacmoljac HRBeta ✭✭✭

    Morn

    @DhruvGohil
    1st: can you specify where/which/why NRE? New Xamarin.Auth is far from simple and this infor does not help a lot.

    If you start here:

    https://github.com/xamarin/Xamarin.Auth/tree/portable-bait-and-switch

    you'll get to:

    https://github.com/xamarin/Xamarin.Auth/blob/portable-bait-and-switch/component/GettingStarted.md

    and

    https://github.com/xamarin/Xamarin.Auth/blob/portable-bait-and-switch/component/Details.md

    All those docs are huge construction site. I'm writting more info based on experience (discussions with users that use it) in last few days.

    The repo with samples solution based on nuget (which is actually part of Xamarin.Auth repo, but separated here for easier handling/updates):

    https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences

    BTW: Read a bit about AppLinks, Deep linking - Custom Schemes, Universla Links you'll need it!

    Go to Community Slack #xamarin-auth-social channel and ping me there:

    https://xamarinchat.herokuapp.com/

  • JohnMckay.5741JohnMckay.5741 GBMember

    @moljac Hey, I'm having the same issue and going down the same path you have been down, any update on where you got to?

  • @DhruvGohil said:
    I am getting Google Auth Error:disallowed_useragent in iOS when I try to authenticate google login using xamarin.auth.Google Document says Google has changed its Oauth policies, with this it is intended that no native web views initiate Oauth flows.So now, how to authenticate google login using xamarin.auth ?

    Agreed with Dhruv, I am too getting same error i.e. disallowed_useragent whenever I try to authenticate user with Google Login with use of WebView.

  • RobStellerRobSteller USMember ✭✭

    Also getting the same error.

  • biaparbiapar ITMember ✭✭✭

    Same error.

  • moljacmoljac HRBeta ✭✭✭

    @JohnMckay.5741 Try samples given with 1.5.0-alpha

  • AKHAKH DKMember

    Hi,

    I tried the samples for Xamarin Forms (NativeUI.XamarinForms) and they do not compile for Android and I get several build errors like the first one here:

    "cannot find symbol extends android.support.v7.widget.CardView
    symbol: class CardView
    location: package android.support.v7.widget"

    Any chance that we can get a complete working example with Google authentication using OAuth2?

    Br.

  • AhmadZeitounAhmadZeitoun USMember ✭✭

    Hi Guys,

    From what I understood(after several days of googling this) the only way is to; access the platform directly using Dependency Service , and invoking the browser outside of the application. For Android = Chrome Custom Tabs. For IOS = SFSafariViewController.

    This seems like a challenge.
    If anyone has any working examples that comply to the Oauth2 Authorization flow please share.

    Thank you

  • EdHubbellEdHubbell USMember ✭✭

    I'm trying to work with a github repo - https://github.com/rhishikeshj/Xamarin.GoogleAuth - Can't get the sample working after about 2 hours of effort (at least on Droid - Haven't tried on iOS yet).

    The sample gets me a nice Google window with my multiple Google identities in it for me to choose, but I get an error on sign in. I've got the same issue as an open one on the repo. If it gets solved, I think I'll be in good shape.

    Be nice if there was an easier way to do this.

  • fenix2222fenix2222 AUMember ✭✭

    Is there any way to set global web view user agent for Android project, similar to this in iOS:

    // define useragent android like
    string userAgent = "Mozilla/5.0 (Linux; Android 5.1.1; Nexus 5 Build/LMY48B; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/43.0.2357.65 Mobile Safari/537.36";

    // set default useragent
    NSDictionary dictionary = NSDictionary.FromObjectAndKey(NSObject.FromObject(userAgent), NSObject.FromObject("UserAgent"));
    NSUserDefaults.StandardUserDefaults.RegisterDefaults(dictionary);

    ?? I can't find a way, only a property on webView itself, but webView is hidden in Xamarin.Auth, so I cannot access it.

  • AKHAKH DKMember

    Hi, the ComicBook example using Google authentication with Oauth2 works fine. Check: https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences

  • moljacmoljac HRBeta ✭✭✭

    @AKH Thanks to pointing that out.

    @fenix2222 Changing UserAgent violates Google's ToS. I started adding that feature in Xamarin.Auth, but Components Team members pointed out that that workaround might get users into troubles.

  • fenix2222fenix2222 AUMember ✭✭
    @moljac so what can we do to fix this problem? Any good solutions?
  • moljacmoljac HRBeta ✭✭✭

    @fenix2222

    Yes. Use NativeUI in Xamarin.Auth 1.4.0+

    I would suggest 1.5.0-alpha-15, by the time you implement it - it will be released.

  • AhmadZeitounAhmadZeitoun USMember ✭✭
    edited May 2017

    Hi Moljac,

    I am using Xamarin Forms, and need to Implement a non web view Google Authorization Flow, by using Android: Chrome Custom Tabs, IOS: Safari.
    Reviewing your code, I noticed something in regards to a Server side setup for OAuth service provider.
    Is this a different implementation from the usual Client Id, Redirect Uri, Client Secret ?
    Do I need a special service running on the web somewhere?
    I see something called ServerInfo with a bunch of static URI under your ComicBook PCL project.
    I am trying to follow your github but I am very confused, which path should I follow;
    Using Xamarin Forms, targeting two platforms Android/IOS what is the easiest path implementation can I follow.
    I had it all working with the web view but this is deprecated now. =(.
    Please help me understand =/

    Thanks Broski I appreciate your contributions to the Xamarin / Xamarin Forms community.

  • EdHubbellEdHubbell USMember ✭✭

    Thanks to @moljac for the work he's putting into this library and helping out people trying to implement it. Here is the rough outline of what I had to do to get Google Auth working again in a Xamarin Forms app.

    I downloaded and ran the Evolve16Labs demo in
    https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences/tree/master/Xamarin.Forms/Evolve16Labs If you can't get that to run, then you will probably have some environment level stuff you need to deal with. You will need to edit in a bunch of places to get it to work.

    Steps to convert to use Xamarin.Auth 1.5.0-alpha-15 in an existing Xamarin Forms app:

    Create Google Credentials

    Go to the Credentials tab in the Credentials tab (not kidding) at https://console.developers.google.com

    You may have had Google Auth working before in your forms app using credentials of the Web application type. Create two new sets of credentials of the iOS and Android type.

    (NOTE: Web application type may work - I don't know. I do have a project working using iOS and Android, so I'm sticking with that. The Android Signing-certificate fingerprint is a pain, but this app was already using Maps, so that part was done.)

    PCL/Droid/iOS projects

    Add the 1.5.0-alpha-15 version of Xamarin.Auth via Nuget (right click on packages, click Add Packages, make sure Show pre-release packages is checked in the lower left hand corner).

    Add the 1.5.0-alpha-15 of Xamarin.Auth.XamarinForms as well.

    Droid project:

    Add a Xamarin.Auth folder.

    Add the ActivityCustomUrlSchemeInterceptor.cs file to /Xamarin.Auth folder. Edit the file to use the inverse of the Android API credentials you created. If the credentials were

    1093596514437-d3rpjj7clslhdg3uv365qpodsl5tq4fn.apps.googleusercontent.com

    you use

    com.googleusercontent.apps.1093596514437-d3rpjj7clslhdg3uv365qpodsl5tq4fn

    Package upgrades - I'm using Xamarin.Forms 2.3.4.231. I needed to upgrade my Xamarin.Android.Support to V25.1.1. Older versions gave me an error with like so:
    no non-static method "Landroid/support/customtabs/CustomTabsIntent;.launchUrl(Landroid/content/Context;Landroid/net/Uri;)V"
    I just upgraded the Xamarin.Android.Support.V4 nuget, and everyone else seemed to come along.

    iOS Project:

    Add a Xamarin.Auth folder.

    In your iOS project, add the AppDelegate.OpenUrl.cs (no edits needed) to the /Xamarin.Auth folder.

    PCL:

    Grab some of the code from protected void ButtonGoogle_Clicked in https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences/blob/master/Xamarin.Forms/Evolve16Labs/Portable/MainPage.xaml.cs - I won't paste it all here. You'll see references to clientId and redirectUrl.

    For clientId, use the correct clientIds that you created on the Google site. For redirectUrl, use the inverse. There are examples in the code.

    Like any coding endeavor, there are infinite paths to failure. I've got my app running Google auth again, with a nice shiny 'Works on my Pixel' sticker. It also works in iOS simultators. Hopefully this helps someone.

  • AhmadZeitounAhmadZeitoun USMember ✭✭

    You rock Ed!!!

    Thank you Both Molj and Ed :smiley:

  • EdHubbellEdHubbell USMember ✭✭
    edited May 2017

    Forgot something:

    iOS:

    Add something like the following to the info.plist file to register the custom URL. Use your inverted iOS Google auth key.

    <key>CFBundleURLTypes</key>
    <array>
        <dict>
            <key>CFBundleURLName</key>
            <string>Xamarin.Auth Google OAuth</string>
            <key>CFBundleURLSchemes</key>
            <array>
                <string>com.googleusercontent.apps.1093596514437-e3rpjj7clslhdg3uv365qpodsl5tq4fn</string>
            </array>
            <key>CFBundleURLTypes</key>
            <string>Viewer</string>
        </dict>
    </array>
    
  • AhmadZeitounAhmadZeitoun USMember ✭✭

    Thanks Ed =]

  • moljacmoljac HRBeta ✭✭✭
    edited May 2017

    @AhmadZeitoun

    Hi Ahmad

    Reviewing your code, I noticed something in regards to a Server side setup for OAuth service provider.

    In the code? Or in the markdown docs?
    if in the docs. i work on those. For a lot of people server side is confusing and for some platforms like UWP trickery is needed.

    Is this a different implementation from the usual Client Id, Redirect Uri, Client Secret ?

    Yeo = Yes and No.

    Client Secret is not needed (if device is stolen it can be retirieved and it is considered to be like password), so you can set it to null or String.Empty

    Do I need a special service running on the web somewhere?

    No. Just correct setup on google console

    I see something called ServerInfo with a bunch of static URI under your ComicBook PCL project.

    ComicBook sample was made by Xamarin.University team for Evolve16 conference and it demoed nce trick to get Xamarin.Forms support called Presenters. I added that to Xamarin.Auth nuget.

    Look to the bottom of the UI - pickers and 1 google button. This is for new google. You can switch between Native UI (CustomTabs and Safari) and Embedded WebViews. Other picker is for testing Presenters and CustomRenderers implementation for Xamarin.Forms.

    Check Xamarin.Auth folders in platform specific projects to see what is needed to be done in order to implement new OAuth with Xamarin.Auth

    I am trying to follow your github but I am very confused, which path should I follow;

    new concept is far from trivial and just do not give up. I would suggest to go to community slack xamarin-auth-social channel. There are 10+ people that have integrated new Xamarin.Auth into their apps.

    Using Xamarin Forms, targeting two platforms Android/IOS what is the easiest path implementation can I follow.
    I had it all working with the web view but this is deprecated now. =(.

    That's life with google.

    Please help me understand =/

    Sure. I'd suggest to go to community slack channel.

  • moljacmoljac HRBeta ✭✭✭

    @EdHubbell Thanks for replacing me with nice explanation. I cannot be all over where Xamarin.Auth is mentioned.

  • dsapodsapo USMember ✭✭

    Hi Ed:

    I am following your guide to be able to log in using Android. I created an account in Developer Console for Android, but I dont see a secret, only the Client Id.

    So inside the following code, should I put a value for the Client Secret or it does not matter.

    var authenticator = new OAuth2Authenticator
    (
    ServerInfo.ClientId,
    ServerInfo.ClientSecret, //Secret value missing in Android
    "profile",
    ServerInfo.AuthorizationEndpoint,
    ServerInfo.RedirectionEndpoint,
    ServerInfo.TokenEndpoint,
    null,
    isUsingNativeUI: true
    );

    Thanks in advance.

    David

  • EdHubbellEdHubbell USMember ✭✭

    @daspo -

    My setup for Android mirrors what is in the https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences/blob/master/Xamarin.Forms/Evolve16Labs/Portable/MainPage.xaml.cs

    clientSecret: null,   // null or ""
    authorizeUrl: new Uri("https://accounts.google.com/o/oauth2/auth"),
    accessTokenUrl: new Uri("https://www.googleapis.com/oauth2/v4/token"),
    

    The only thing specific to my app are the values for retval_client_id and uri.
    retval_client_id = the Client ID from Google API (type: Android)
    uri = the inverse of the Client ID + :/oauth2redirect

    So in my code:

    clientId:
                             new Func<string>
                                (
                                     () =>
                                     {
                                         string retval_client_id = "oops something is wrong!";
    
                                         // some people are sending the same AppID for google and other providers
                                         // not sure, but google (and others) might check AppID for Native/Installed apps
                                         // Android and iOS against UserAgent in request from 
                                         // CustomTabs and SFSafariViewContorller
                                         // TODO: send deliberately wrong AppID and note behaviour for the future
                                         // fitbit does not care - server side setup is quite liberal
                                         switch (Xamarin.Forms.Device.RuntimePlatform)
                                         {
                                             case "Android":
                                                 retval_client_id = "264836847739-4lf3icgdqmmde2r1v03465qvgu1n2208.apps.googleusercontent.com";
                                                 break;
    

    and

                         redirectUrl:
                             new Func<Uri>
                                (
                                     () =>
                                     {
    
                                         string uri = null;
    
                                         switch (Xamarin.Forms.Device.RuntimePlatform)
                                         {
                                             case "Android":
                                                 uri =
                                                     "com.googleusercontent.apps.264836847739-4lf3icgdqmmde2r1v03465qvgu1n2208:/oauth2redirect";
                                                 break;
    

    (ids changed to protect the innocent)

    NOTE: I forgot about that :/oauth2redirect on the end of the redirectUrl in earlier instructions.

  • dsapodsapo USMember ✭✭

    Thanks Ed for your quick response.

    Now I was able to run the sample and the Google login page is displayed.

    After a successful login the browser shows the Google website. I assumed that it should closed manually.

    Is it normal that the app is not calling the authenticator.Completed event handler.

    Is there a way that I can retrieve the access token in order to send it to the Azure app service.

    Thanks again.

    David

  • EdHubbellEdHubbell USMember ✭✭

    On Droid, make sure you edited ActivityCustomUrlSchemeInterceptor.cs. Should have an entry like

    DataSchemes = new[]
                        {
                            "com.googleusercontent.apps.264836847739-4lf3icgdqmmde2r1v03465qvgu1n2208",
    

    On iOS, make sure you have edited your info.plist as specified above (I forgot that in the initial instructions, but I posted an addendum).

    I'm getting access tokens from Google no problem. I don't send them to Azure, but I do send them around to get the users email address, etc.

  • moljacmoljac HRBeta ✭✭✭

    @dsapo If not returning you have (most likely) http[s] scheme in redirect_url

  • AhmadZeitounAhmadZeitoun USMember ✭✭

    You rock Moljac!
    Thanks for going through my question. :)

  • dsapodsapo USMember ✭✭

    Thanks Ed and Moljac for your help.

    Now the Chrome Tabs closes automatically and the access token is retrieved.

    Thanks again

    David

  • igofedigofed USMember ✭✭
    edited May 2017

    Hi guys,

    I'm trying to login with native API to Google - works like a charm on iOS but on Android GetUI method returns CustomTabsIntent.Builder. I tried to write something like
    var builder = GetUI() as CustomTabsIntent.Builder;
    ui = builder.Build().Intent;
    and start this intent but then I have screen asking for right app for opening.

    Any ideas how to fix that?

    If I use builder.Build().Launch(AuthenticationConfiguration.Context, Android.Net.Uri.Parse("https://accounts.google.com/o/oauth2/auth");
    I have issues with invalid_request error.

    @moljak do you have ideas how to fix it? I use latest 1.5 Nuget.

  • moljacmoljac HRBeta ✭✭✭

    @igofed

    v.1.4.x had different API it returned CustomTabsIntent (which does not derive from Intent), so cast was necessary.

    v.1.5.x has API that is 100% compatible with versions prior to 1.4.x. So forget anything about CustomTabs. You need that only for customizations (API is available, but unstable and subject to change).

    Check the docs (also construction site): https://github.com/xamarin/Xamarin.Auth

    Xamarin.Forms sample:

    https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences/tree/master/Xamarin.Forms/Evolve16Labs

    Xamarin Traditional/Standard:

    https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences/tree/master/Traditional.Standard/Providers

    The code you need:

    https://github.com/moljac/Xamarin.Auth.Samples.NugetReferences/blob/master/Traditional.Standard/Providers/Xamarin.Auth.Sample.XamarinAndroid/MainActivity.cs#L111-L136

    If you have more issues - go to community slack and ping me there (most likely someone else will help you, because there is 20+ people with complete implementations and familiar with details)

Sign In or Register to comment.