pbrisbin
commented
5 years ago Thanks for bringing this up.
Google is notoriously vague with this stuff, so I have no guarantees about what will happen to my or your apps running this plugin when these dates come and go, unfortunately.
That said, it also seems to me that we are not using Google+ APIs here. It's very clear the URLs we're using in the plugin:
https://accounts.google.com/o/oauth2/authhttps://www.googleapis.com/oauth2/v3/token
And these are (modulo versions) the same endpoints documented in the non-deprecated OAuth2 path for Google Sign-on, which are:
https://accounts.google.com/o/oauth2/v2/authhttps://www.googleapis.com/oauth2/v4/token
We then use this end-point to get the current user's info:
https://www.googleapis.com/oauth2/v3/userinfo
And that should also be a valid API endpoint and un-related to Google+.
Is it possible to follow up through the email you received and see exactly what endpoints are being used by your app?
jferris
ivanperez-keera
I just got an email saying that a yesod web app that we have running is using Google+ sign in for authentication.
I've looked at this code and I believe this does not use Google+ but simply Google sign on, but I'm not an expert and I'd rather check ahead of time than wait to find out all users are locked out.
Is this going to be affected by the deprecation of Google+'s API [1]?
[1] https://developers.google.com/+/api-shutdown