playgameservices / play-games-plugin-for-unity

Google Play Games plugin for Unity

How would this plugin behave when granular permissions of Google OAuth is enabled? #3292

Open rayark-alexyac opened 6 months ago

rayark-alexyac commented 6 months ago

Hello. Firstly, thank you for maintaining this plugin, which is crucial for developers. We require your assistance with a problem we recently encountered.

We received notification from Google about a new feature in Google OAuth, called "granular consent," which is set to be activated on June 17th, 2024.
Our concern is that this plugin might be affected by the new feature, and we need your help in this regard.
According to the official guidelines, applications should manage the possible outcomes when the user grants only some of the requested permissions. This is different from the previous behavior of either granting all or none of the permissions.

To our knowledge, the GooglePlay Games plugin needs the games_lite permission and, optionally, the drive.appdata permission from the user's Google account. We validated this based on the source code of version 0.10.12. We could not confirm the status of the latest version as we could not find the relevant source code anymore.
Since these permissions can now be granted separately, we are curious about how this plugin would react to each possible scenario that the user might encounter, such as granting all, refusing to grant any, or partially granting permissions.
In particular, we have the following questions:

Could you kindly guide us on how to proceed with this issue? Thank you.
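The three outcomes the post lists (all granted, none, partial), worked through for the two scopes it names. This is an added example, not code from the plugin or from the original post; the full scope URLs, the mapping of saved games to drive.appdata, and all type and method names are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

public enum GrantOutcome { None, Partial, All }

public sealed class GrantResult
{
    public GrantOutcome Outcome;
    public bool CanSignIn;         // needs games_lite
    public bool CanUseSavedGames;  // assumption: drive.appdata gates cloud saves
    public List<string> Missing = new List<string>();
}

public static class GranularConsent
{
    // Assumed full scope identifiers for the two permissions named in the post.
    public const string GamesLite = "https://www.googleapis.com/auth/games_lite";
    public const string DriveAppData = "https://www.googleapis.com/auth/drive.appdata";

    // grantedScopeField: the space-delimited "scope" value of the token response.
    // RFC 6749 lets a server omit it when the grant equals the request; here a
    // missing field is treated as nothing granted (fail closed).
    public static GrantResult Evaluate(IEnumerable<string> requested, string grantedScopeField)
    {
        var granted = new HashSet<string>(
            (grantedScopeField ?? string.Empty)
                .Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries),
            StringComparer.Ordinal); // scope names are case-sensitive

        var asked = requested.Distinct().ToList();
        var result = new GrantResult();
        result.Missing = asked.Where(s => !granted.Contains(s)).ToList();
        result.Outcome = result.Missing.Count == 0 ? GrantOutcome.All
                       : result.Missing.Count == asked.Count ? GrantOutcome.None
                       : GrantOutcome.Partial;
        // Gate features on what was granted, never on what was requested.
        result.CanSignIn = granted.Contains(GamesLite);
        result.CanUseSavedGames = result.CanSignIn && granted.Contains(DriveAppData);
        return result;
    }

    public static void Main()
    {
        // Constructed sample: the user unticked the Drive permission.
        var r = Evaluate(new[] { GamesLite, DriveAppData }, GamesLite + " openid");
        Console.WriteLine(r.Outcome + " signIn=" + r.CanSignIn + " savedGames=" + r.CanUseSavedGames);
        Console.WriteLine("missing: " + string.Join(", ", r.Missing));
    }
}
```

The `Missing` list is what an app would ask for again later, at the point the user first opens the feature that needs it.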

frolky commented 3 months ago

I think this doesn't apply to GPGS, because it doesn't use OAuth.

Flipster77 commented 3 months ago

I also would like a definitive answer regarding whether the OAuth granular consent updates will impact this plugin.

taphuong9404 commented 3 months ago

I am using leaderboard for my game, hope you can update the OAuth Granular feature

rayark-alexyac commented 3 months ago

> I think this doesn't apply to GPGS, because it doesn't use OAuth.

@frolky Hi, thanks for replying, but I am sorry that I cannot understand what you mean by "it doesn't use OAuth". Could you kindly elaborate on your statement with more details?

As far as I know from reading the source code of GPGS v0.10.12, which is used in our product, it seems that GPGS requests several "OAuth scopes".
I have to admit that I am not fully clear on the OAuth thing, so here are the possibilities I can deduce from my own findings (the source code) and your statement. I am wondering which is correct:

  1. GPGS used OAuth in old versions (such as v0.10.12), but it does not use it anymore in the latest version. The GPGS team suggests all users migrate to the latest version.
  2. GPGS never used OAuth. The function name AddOauthScopes was a joke or mistake or something, or I simply traced the wrong code. We do not have to worry about the granular consent feature, no matter which GPGS version is used in our product.
  3. What you meant by saying "GPGS" was actually something else (not the GooglePlay Games Services plugin for Unity); it was a misunderstanding. The current status and future of GPGS are still unknown.

taphuong9404 commented 3 months ago

Thank you for your early reply. I received this email from Google. I don't know what to do next.

Starting June 17, 2024, Google users will get more granular controls for sharing their Google account data with third-party apps. Test your app and make any necessary updates for the best user experience.

Hello Google Developer,

Our records indicate that your app(s) has requested access to Google APIs and may be affected by an upcoming OAuth consent change.

We’re writing to remind you that starting June 17, 2024, Google will enable granular consent, which allows OAuth users to grant or deny Google account data permissions on a more granular level to third parties.

We’ve provided more information below to help you through this change.

What you need to know

OAuth users will see a granular consent screen allowing them to grant or deny granular permissions to Google account data to your app(s) starting June 17, 2024.

Please note, Workspace Enterprise apps that are granted domain-wide delegation of authority or marked as Trusted will not be impacted by this change at this time.

What you need to do

We recommend that you test your app with granular consent and make any necessary updates to ensure an optimal user experience:

  - Review our OAuth granular consent guide to learn about the requirements and best practices to handle granular consent.
  - If needed, update your app to ensure it supports granular consent.
  - If necessary, you may request a one-time extension, giving you until August 19, 2024, to support granular consent. If you have already requested an extension, please ignore this instruction.

Here is a list of your client ID(s) that may be affected by this change.

If you have Google Cloud Platform console login issues, the Google Cloud Support team can help. Please submit a ticket in the Support Hub.

Flipster77 commented 2 months ago

Has anyone found out if granular consent impacts this plugin? I requested an extension for my app as I couldn't find an answer on what to do before the deadline.