Getting Google OAuth in iOS accepted by Apple - iphone

I have developed an iOS app that allows users to login via their Google Account using OAuth.
It was rejected by Apple for allegedly violating 11.13 of the App Store Review Guidelines:
11.13 Apps that link to external mechanisms for purchases or subscriptions to be used in the app, such as a “buy" button that goes to a web site to purchase a digital book, will be rejected
Upon asking for more information, Apple said:
To clarify, your app has been rejected for including means for users to acquire new Google accounts. Linking customers to a page where users may sign up or register new accounts, and then use those accounts to purchase service/server space to be used within the app, is not appropriate and must be removed before resubmitting your app.
Here's a screenshot of the infringing functionality:
The Gmail iOS app has the same screen and I can't find any other app that connects to Google by OAuth so I'm at a loss on how to fix this.
Any ideas?
Many thanks!
EDIT: Here's a screenshot of same offending screen in Gmail

Edit
Google has finally added a native library that performs in-app sign in. You can find it here https://developers.google.com/identity/sign-in/ios/start
Original Post
This has happened to several users and unfortunately Google are still "working" on a solution.
I would strongly recommend that anyone facing this issue please comment in the official forum. The more attention it gets the higher the chance something will be done about it. Here's what one of the employees at Google had to say:
Hi all -- at Google, we aim to make our services available to as many
users and developers as possible. We have heard a very small number of
reports of problems of this type, but those app developers appear to
have eventually gotten approval to launch by working through Apple’s
standard process.
Meantime, we're continuing to work on improved mechanisms for login. I
do agree with Daniel that direct use of GTMOauth2ViewControllerTouch,
or the equivalent UIWebView trickery, is not recommended.
Right now the solution I used was to remove Sign In from the Launch Screen and move it to the menu inside our app.

Place a link mentioned below instead of SignUP button:
https://accounts.google.com/SignUp?service=mail&continue=https%3A%2F%2Fmail.google.com%2Fmail%2Fca%2F&ltmpl=default&hl=en
This link should be open in iOS Safari browser.

I had the exact same thing happen to me, but for a different service (SmugMug). In my situation, I worked with SmugMug and they provided for me an OAuth authorization page that didn't have the sign up button.
Some months ago, same thing with Dropbox. Dropbox also ended up providing a login page without a sign up button temporarily, but they got a little more cooperation with Apple.
Perhaps we can try to collectively get Google to provide the same. Even though we're iOS developers, Im' sure Google wants to support development of iOS apps that use their platform.
Have you tried contacting Google?

Related

Link multiple accounts iOS app - Firebase/Facebook Login & XCode/Swift 5

So I'm building this app for a client (It's a basic scheduling app like HootSuite but simpler) and he wants the ability to add multiple Facebook accounts with an IAP (aka In-App Purchase) after said IAP is purchased. The IAP is all done and works great but I cannot figure out how to link multiple Facebook accounts. I tried to use the same login method that a previous developer used (It's an ongoing freelance project and 2 other devs worked on it before I joined) to no avail since the login process stops once the app realizes that the user has already signed in...
So I guess that my question is this: Is there a way to link multiple Facebook accounts at once in a single iOS app? If so, how exactly? Forget the IAPs if that's too confusing, everything is fine there anyways. The goal is to be as seamless as possible, so ideally there would be no need for the user to log out and log back into the other account (Something I've seen a lot in other Questions/Answers).
I don't think I am authorized to show the code to you guys (that would also require sharing the entire project, it's a real spider-web!), but could someone please lead me in the right direction?
Please let me know if you have any questions!
Thank you in advance.
Notes:
Just like the title says, we use Firebase for our storage, Cloud Firestore for our database and Facebook login (through Firebase) for login since the purpose of the app is to schedule posts on IG.
I use a basic variable called "activeUsers" to track the number of accounts "linked" to the app so we can know whether or not to show the "PurchaseModel" and, obviously, receipt verification and all that for IAPs. Thought it could be useful!
3. When the app starts, you are prompted to link a Facebook account to enable the scheduler. THIS WORKS GREAT! What I am trying to achieve is to add other accounts AFTER the first one has been "enabled"/logged into.
It's not possible to link multiple accounts from the same provider to a single Firebase Auth account.
You can only link multiple accounts of different types (Facebook, Google, GitHub, etc) to a single Firebase account as described in the documentation.

Determining kind of facebook app

https://apps.facebook.com/horoscopes/?fb_source=search
Can anyone tell me what kind of facebook app it is? canvas or something else?
I would want to create an app in php but have no clue where to start from. Can i create a test app and start the process? please help.
I have tried creating an app but that needs to be approved before even starting the development and showing us as a page on facebook app
Any app with an address of apps.facebook.com/* is the Canvas link to the App, which means this app has a canvas page at the minimum. It may also have a website and mobile app associated with it, but that's harder to determine.
You should so some research before trying to create an app. You do not need to get any sort of approval to develop an application, even if you use excessive permissions. However, you will need to get your app approved for any extra permissions prior to launching to end-users.
You should visit the Facebook Developer website and pick a SDK you're comfortable with. I would recommend using the JavaScript one to get started, but the choice is yours. Then you should follow the starter guide to creating your first app. Everything you need to create an app is discoverable through Google, and I have a few handy tutorials on my site for using the PHP and JavaScript SDKs.

Facebook developer account, all apps disappeared

I am a mobile developer and I frequently use facebook to add sharing feature to my applications.
I usually have alot of applications on my facebook developer account.
But today all my apps have disappeared and my account seems to not be a developer account.
When I click on the "Applications" menu (on https://developers.facebook.com/) I only see "Register as a Developer" in the dropdown menu.
Someone have any idea how to fix this?
I have exactly the same issue. If there was a violation - and I don't think there was as the app is in sandbox - I received no notification of this. The literature states that an app will be disabled, not that an entire developer account will be removed. As I have other active apps this is quite a problem. It seems I can set up another developer account but one assume all existing apps will need to be set back up. Clusterf**k
UPDATE:
I re-signed up as a developer and all my apps are still there. A fright, but better that!
I'm not registered to accept payments. I couldn't find a hint of official support on the subject of 'closed developer accounts' nor any real way to directly engage other than firing off a bug report. As I said, re-registering did the trick and they just asked for a few bits of info.

When using OpenID login within an iOS app is it better to use Safari for login and then redirect back to app?

I'm building an app that uses OpenID for authentication. I'm giving Google, Yahoo and the general OpenID site as options.
At present, when the user selects a site, I open a UIWebView and the user performs their login with that frame, all within the app.
However, it has struck me that when using UIWebView, you cannot easily show to the user that the connection is over https or that they are indeed at the site I'm claiming they are at. I could be easily harvesting passwords.
Would it be, and I'm looking for opinions on this, be better from a user confidence perspective to actually open Safari when the user selects a login and once they've logged in have Safari direct me back to app?
Thanks
Most people using iOS devices are used to the way Facebook logins work; no URL bar, no nothing. I'd just follow the typical workflow. You could bump out to Safari, and return via a custom URL scheme. However, I think users will think that is more weird. iOS users are not used to being jumped in and out of different apps.
just my 2 cents, it would be also faster if the user has already logged in those services with Safari before.
Prompting out a UIWebView and switching to Safari is using the same amount of steps, so why not?
I thought I'd follow up on this thread to say I'm having difficulties getting the app approved and I think it's because I use the Safari approach. I've had it rejected by Apple twice now because:
"Apps that link to external mechanisms for purchases or subscriptions to be used in the app, such as a “buy" button that goes to a web site to purchase a digital book, will be rejected "
I think it's because I'm launching Safari. I've opened a dispute with Apple and I'll come back with more information once I hear back from them. I really hope a quick change to a UIWebView will help!

Can Facebook's "Single Sign On" be achieved within a mobile web app?

It's my first posting on here (although I've been using this site for reference for quite some time).
I've been trying for several days now to find or dream up a way to use Facebook's "Single Sign On" from within a mobile web app (not a native iOS or Android app) to automatically sign a user into a web app if they are already logged into Facebook from the native Facebook app on their mobile device for example.
My limited knowledge is telling me that it can't be done since the mobile browser and the 'system' (iOS for example) are too separated (I can't, I don't think, have my mobile web app use or access the native Facebook app on a mobile device in any way).
I have found and read the iOS, Android AND Mobile documentation provided by Facebook (https://developers.facebook.com/docs/guides/mobile/) which all seems to make enough sense, but after days of trawling through everything else I could find on the subject there doesn't seem to be a way to use, for example, the Facebook app on an iPhone or Android device to automatically log a user in to my web app if he/she is already logged into Facebook.
I've read lots about doing this from within 3rd party native apps and also other people trying to achieve a similar thing from within Desktop apps but I'm trying and hoping to be able to achieve this from a web app running within a mobile web browser.
I'd be very grateful for any help, opinions or pointers in the right direction since I think this would be an excellent step forward in UI for mobile web apps to have (not just the native apps).
Many thanks in advance...
Probably a bit late to the party but in case anyone else is wondering yes it's possible with Cordova/Phonegap and the Facebook Connect Plugin: https://github.com/davejohnson/phonegap-plugin-facebook-connect/
Using the FB.getLoginStatus() method at startup allows to check if the user is already signed in with the native Facebook App and retrieve its profile. More details in the examples provided in the repo.
I have not yet implemented it myself, but seems possible according to:
http://developers.facebook.com/docs/mobile/web/build/#login