3

I am using “Google.Apis.YouTube.v3 Client Library1.8.1.1050” Nuget package for accessing API in Windows Phone 8. I am able to do sign in function successfully using this API. I am able to perform certain operations on YouTube API v3 only by logging in with authenticated Google account details. I am also able to get all feeds from Youtube using this API. Right now, I am facing one problem while using Google API V3 oAuth2. I am using following code to do login with Google account :

UserCredential credential;
using (var stream = new FileStream("clientdata.json", FileMode.Open, FileAccess.Read)){

    credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
    GoogleClientSecrets.Load(stream).Secrets,
    // This OAuth 2.0 access scope allows for read-only access to the authenticated 
    // user's account, but not other types of account access.
    new[] { YouTubeService.Scope.Youtubepartner },
    "user",
    CancellationToken.None);}

Using this code, I can successfully get signed in and able to get all feeds. But now my problem is how to logout from Windows Phone 8 application using Google API v3? As per my knowledge, there is no method available to clear user credentials in this package. For now, I am calling a webservice

https://accounts.google.com/o/oauth2/revoke?token={access token}

to revoke the current access token but this is not much helpful.

It would be great if I can get any help to get this problem fixed. And also let me know if it requires any corrections. It would be better if someone can provide the documentation or sample examples for how to efficiently use this API in Windows Phone.

Thanks in advance

DOTNET Team
  • 3,391
  • 17
  • 30

4 Answers4

3

On a UserCredential object you can now call 

await myUserCredential.RevokeTokenAsync(null);

This will remove users token and he will be asked to authorize again.

Or there is REST API https://developers.google.com/identity/protocols/OAuth2WebServer#tokenrevoke

https://accounts.google.com/o/oauth2/revoke?token={token}
nitro
  • 31
  • 1
  • 3
  • 1
    this is the answer. RevokeTokenAsync not accept null argument so need be `credential.RevokeTokenAsync(new CancellationToken());`. – dovid May 29 '17 at 14:42
  • 1
    my answer is almost two years old, so maybe there was a change in new API version? But it still works in my old application with null – nitro May 30 '17 at 16:32
1

Delete the file which is created by Google Authentication Library Call from the Isolated Storage. Use Microsoft windows phone tools to find the name of that file. For Windows phone application it would most probably be - "Google.Apis.Auth.OAuth2.Responses.TokenResponse-user". 

WebBrowser wb = new WebBrowser();
var url = "http://accounts.google.com/Logout";
wb.Navigate(new Uri(url, UriKind.RelativeOrAbsolute));
await wb.ClearCookiesAsync();

using (IsolatedStorageFile iS = IsolatedStorageFile.GetUserStoreForApplication())
            {
                if (iS.FileExists("Google.Apis.Auth.OAuth2.Responses.TokenResponse-user"))
                {
                    iS.DeleteFile("Google.Apis.Auth.OAuth2.Responses.TokenResponse-user");
                }
            }
user3754845
  • 21
  • 3
0

You must clear the cookies after logging out a user. To logout a user, there is not any built in function in the SDK. So please try the following piece of code as a logout function.

private async void logout(object sender, System.Windows.Input.GestureEventArgs e)
{
    WebBrowser wb = new WebBrowser();
    var url = "http://accounts.google.com/Logout";
    wb.Navigate(new Uri(url, UriKind.RelativeOrAbsolute));
    await wb.ClearCookiesAsync();
}
Rohit Minni
  • 240
  • 3
  • 8
  • Hi Rohit, I am doing the same but still the line of code that I mentioned in question is returning me the credential and access token. – DOTNET Team May 03 '14 at 07:29
  • @DotNet Weblineindia are you sure you need to send the access token as a GET parameter....I'm sure this violates security and isn't secure...did you try a POST request on the same?also, logging a user out revokes the access token. So why do you want to do it manually? – Rohit Minni May 04 '14 at 08:50
  • I almost tried with all possible ways. When I do it manually, it is revoking the access token but I need to close my application. When I restart and try to login, application again asks for user details for login. But I do not want close the app. I want flexible sign in/ sign out functionalities. – DOTNET Team May 05 '14 at 05:47
  • Clear the web browser cookies before you login again...I'm doing the same thing and don't need to close my app to login again. Please refer to the logout method I suggested once again. – Rohit Minni May 05 '14 at 11:35
0

First of all I created a new issue in our issue tracker for that one: https://code.google.com/p/google-api-dotnet-client/issues/detail?id=463, hopefully it will be fixed for the coming version.

Please also explain why "this is not much helpful".

For now, try calling the revoke method that you mentioned. In addition (for now...) I recommend to create a new UserCredential (using a different "user") and a new service, and let me know if it works

peleyal
  • 3,406
  • 1
  • 12
  • 25