Integrating Google oAuth APIs with iPhone Applications

This blog is an effort to round up on how to consume Google’s REST APIs in an iPhone App.  As usual with RESTful APIs, the client specifies an action using an HTTP verb such as POST, GET, PUT, or DELETE and the resource by a globally-unique URI of the following form: https://www.googleapis.com/apiName/apiVersion/resourcePath?parameters The response will be returned by the API in JSON format. The APIs use OAuth 2.0 protocol for authentication and authorization. Google supports several OAuth 2.0 flows that cover common web server, JavaScript, device, installed application, and server to server scenarios. Here we are dealing with installed application on device scenario. Steps to integrate the Google APIs in a normal iOS application are not different than the normal OAuth flow. Register Application: First of all , the application must be registered through Google API console. The result of this registration process is a set of values that are known to both Google and application (e.g. client_id, client_secret, redirect_uri, etc.). The set of values generated varies based on the type of application you are building. Another thing that you need to do is to turn on the APIs that your application needs to access in API Console. Obtain an Access Token from the Google Authorization Server: This is the normal OAuth flow where we need to get the access token to call an API. For authorization call this url, it will show a gmail login window which needs user login credentials:
Parameters Value
response_type code
client_id the client_id obtained from the APIs Console.
redirect_uri the redirect_uri values registered at the APIs Console.
scope space delimited set of permissions the application requests.
state anything
In iPhone, application can fetch authorization code from following code:
NSString *tokenCode
   = [theWebView stringByEvaluatingJavaScriptFromString:@"document.getElementsByTagName('title')[0].innerHTML;"];
Authorization code will be something like “token = tokenValue”. Retrieve the tokenValue and use that to obtain an access token from Google by shooting the post request to following url.
<pre><em id="__mceDel">NSString *url = @"https://accounts.google.com/o/oauth2/token?";
NSString  *data =[NSString stringWithFormat: @"code=%@&client_id=testing.apps.googleusercontent.com&client_secret=OxVwVVgYqvlgjoidgdfghdDv&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code",token];
Response of above url will return the dictionary having token, expire time, refresh token and token type. { “access_token”:”1/fFAGRNJru1FTz70BzhT3Zg”, “expires_in”:<expiry_time>, “token_type”:”Bearer”, “refresh_token”:”1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI” } After obtaining access token above, you are ready to call the Google API for your purpose. Calling Google Api: After application has obtained an access token, application can access a Google API by including it in either an access_token query parameter or an Authorization: Bearer HTTP header. Application can call on those api which are passed as scope in authorization URL. For example, a call to theCalendar API using the access_token query string parameter looks like this: https://www.googleapis.com/calendar/v3/users/me/calendarList?access_token=1/fFAGRNJru1FTz70BzhT3Zg This will return entries on the user’s calendar list. Similarly you can call any other API from the API console which requires an OAuth Token. Enjoy building the cool apps that integrate with Google API !!
  • riyaz

    nice explanation. . .