I have an existential question. the case that I have implemented a login through google to an app.
The google API contains two functions, one called Auth.GoogleSignInApi.signOut
and the other Auth.GoogleSignInApi.revokeAccess
, what I can understand is that the first one closes the session but the second will be necessary? since logging out should remove all permissions.
The functions I have created:
public void logOut(View view) {
firebaseAuth.signOut();
Auth.GoogleSignInApi.signOut(googleApiClient).setResultCallback(new ResultCallback<Status>() {
@Override
public void onResult(@NonNull Status status) {
if (status.isSuccess()) {
goLogInScreen();
} else {
Toast.makeText(getApplicationContext(), "error", Toast.LENGTH_SHORT).show();
}
}
});
}
public void revoke(View view) {
firebaseAuth.signOut();
Auth.GoogleSignInApi.revokeAccess(googleApiClient).setResultCallback(new ResultCallback<Status>() {
@Override
public void onResult(@NonNull Status status) {
if (status.isSuccess()) {
goLogInScreen();
} else {
Toast.makeText(getApplicationContext(),"error", Toast.LENGTH_SHORT).show();
}
}
});
}
I have used both functions and I don't see the difference. both direct me to login again by selecting the user account (google account).
It is not necessary but it is recommended. Both actually involve re-authentication, so you notice that you have to login.
Like several Google products, these would be definitions:
I suggest you check out this new revokeRefreshToken() method