[google_sign_in] Fix iOS sever auth codes #10021
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes an issue where `serverAuthorizationTokensForScopes` would usually return the results of `getRefreshedAuthorizationTokens` directly, even though `getRefreshedAuthorizationTokens` will never include a server auth code. Now, the server auth code is cached when it is returned from authn steps, so that it can be returned when it is requested, since those are different APIs in this plugin (unlike the underlying SDK on iOS). Fixes flutter/flutter#175313
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request fixes an issue on iOS where serverAuthorizationTokensForScopes would incorrectly return null. The fix introduces caching for the server authorization code, ensuring it's available for later calls. The implementation is sound, correctly handling user changes by associating the cached code with a user ID. The accompanying tests are thorough, covering the new caching logic and various edge cases. I've added one suggestion to improve the readability of a new test case.
packages/google_sign_in/google_sign_in_ios/test/google_sign_in_ios_test.dart
Outdated
Show resolved
Hide resolved
|
|
||
| /// The user identifier for the cached server auth code, to ensure that a | ||
| /// cached code isn't returned across users. | ||
| String? _cachedServerAuthCodeUserId; |
Contributor
There was a problem hiding this comment.
The cache doesn't seem to be invalidated on logout?
Collaborator
Author
There was a problem hiding this comment.
Good catch! For signOut it's probably harmless since the grant should still be active, but it definitely shouldn't be returned after disconnect, and since I can't think of any reason someone should expect to get it after signOut I'll go ahead and clear it there.
Also added cache unit tests for both signOut and disconnect that would have caught this.
LongCatIsLooong
approved these changes
Sep 18, 2025
Contributor
LongCatIsLooong
left a comment
LongCatIsLooong
left a comment
There was a problem hiding this comment.
One comment regarding cache invalidation otherwise LGTM.
stuartmorgan-g
added
the
autosubmit
engine-flutter-autoroll
added a commit
to engine-flutter-autoroll/flutter
that referenced
this pull request
Sep 19, 2025
engine-flutter-autoroll
added a commit
to engine-flutter-autoroll/flutter
that referenced
this pull request
Sep 19, 2025
github-merge-queue bot
pushed a commit
to flutter/flutter
that referenced
this pull request
Sep 19, 2025
flutter/packages@f2a65fd...3d5c419 2025-09-19 49699333+dependabot[bot]@users.noreply.github.com [dependabot]: Bump camerax_version from 1.5.0-rc01 to 1.5.0 in /packages/camera/camera_android_camerax/android (flutter/packages#10009) 2025-09-18 stuartmorgan@google.com [google_sign_in] Fix iOS sever auth codes (flutter/packages#10021) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-packages-flutter-autoroll Please CC flutter-ecosystem@google.com on the revert to ensure that a human is aware of the problem. To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://issues.skia.org/issues/new?component=1389291&template=1850622 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
Jaineel-Mamtora
pushed a commit
to Jaineel-Mamtora/flutter_forked
that referenced
this pull request
Sep 24, 2025
…r#175668) flutter/packages@f2a65fd...3d5c419 2025-09-19 49699333+dependabot[bot]@users.noreply.github.com [dependabot]: Bump camerax_version from 1.5.0-rc01 to 1.5.0 in /packages/camera/camera_android_camerax/android (flutter/packages#10009) 2025-09-18 stuartmorgan@google.com [google_sign_in] Fix iOS sever auth codes (flutter/packages#10021) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-packages-flutter-autoroll Please CC flutter-ecosystem@google.com on the revert to ensure that a human is aware of the problem. To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://issues.skia.org/issues/new?component=1389291&template=1850622 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes an issue where
serverAuthorizationTokensForScopeswould usually return the results ofgetRefreshedAuthorizationTokensdirectly, even thoughgetRefreshedAuthorizationTokenswill never include a server auth code. Now, the server auth code is cached when it is returned from authn steps, so that it can be returned when it is requested, since those are different APIs in this plugin (unlike the underlying SDK on iOS).Fixes flutter/flutter#175313
Pre-Review Checklist
[shared_preferences]pubspec.yamlwith an appropriate new version according to the pub versioning philosophy, or I have commented below to indicate which version change exemption this PR falls under1.CHANGELOG.mdto add a description of the change, following repository CHANGELOG style, or I have commented below to indicate which CHANGELOG exemption this PR falls under1.///).Footnotes
Regular contributors who have demonstrated familiarity with the repository guidelines only need to comment if the PR is not auto-exempted by repo tooling. ↩ ↩2 ↩3