Google Authentication

Configure the OAuth Consent Screen

1. Create a New Project:

• Go to the Google Cloud Console.
• Click on the project dropdown in the top left corner and select “New Project.”
• Give your project a name.
• Click “Create.”


2. Set Up the OAuth Consent Screen:

• Go to the Api and services.

• OAuth Overview
• Click “Create.”

3. Fill in the App Information:

• App name: Enter your app's name.

• User support email: Enter a contact email.
• App logo: (Optional) Upload your app's logo.
• App domain: Enter your domain if applicable.
• Authorized domains: Add domains you will use.
• Developer contact information: Enter your email address.

• Click "Save and Continue."

4. Scopes:
• Click "Add or Remove Scopes" and add the required scopes for your app. For basic Google authentication, you’ll need openid, email, and profile.
• Click "Save and Continue."

Create OAuth 2.0 Client IDs

1. Generate a Client ID for Web

1. Go to Credentials:

• Navigate to the Credentials tab in the Google Cloud Console.
• Click "Create Credentials" > "OAuth 2.0 Client IDs."


2. Configure OAuth Client ID:

• Choose "Web application" as the application type.

• Name your OAuth client (e.g., "Expo Web Client").

3. Set Authorized Redirect URIs:
• Add the following redirect URIs: For Expo development: http://localhost:8081 or For production: Add your website’s domain (e.g., https://yourwebsite.com/).
• Click "Save and Continue."
4. Save Client ID and Secret: Once created, save the Client ID you’ll need them later:
• Click "Add or Remove Scopes" and add the required scopes for your app. For basic Google authentication, you’ll need openid, email, and profile.
• Click "Save and Continue."

2. Generate a Client ID for Android

1. Create Another OAuth Client ID:

• Click "Create Credentials" > "OAuth 2.0 Client IDs."
• Choose "Android" as the application type.


2. Configure OAuth Client ID:
• Name your OAuth client (e.g., "Expo Android Client").
• Add your Android package name (e.g., com.yourcompany.yourapp).
• Add the SHA-1 signing certificate fingerprint:
Recommendation:

It's best to create two separate clients: one for development and one for production builds. Use the SHA-1 from your local debug keystore for development. Use the SHA-1 from Google Play App Signing for production.

Development SHA-1: To get the SHA-1 for debug builds, run the following in your terminal:

keytool -list -v -keystore ./android/app/debug.keystore \
  -alias androiddebugkey \
  -storepass android -keypass android

This will print the debug signing certificate fingerprint (SHA-1).

Production SHA-1: For production builds, find the SHA-1 in the Google Play Console:

• Go to your app
• Navigate to Setup → App Integrity
• Look for the App signing certificate section
3. Save Client ID and Secret:
• Save the Client ID and Client Secret.

3. Generate a Client ID for iOS

1. Create Another OAuth Client ID:

• Click "Create Credentials" > "OAuth 2.0 Client IDs."
• Choose "iOS" as the application type.


2. Configure OAuth Client ID:
• Name your OAuth client (e.g., "Expo iOS Client").
• Add your iOS bundle identifier (e.g., com.yourcompany.yourapp).
• Click "Create."
3. Save Client ID and Secret:
• Save the Client ID and Client Secret.

Update .env

EXPO_PUBLIC_GOOGLE_WEB_CLIENT_ID=*****
EXPO_PUBLIC_GOOGLE_IOS_CLIENT_ID=*****

Get iOS URL Scheme

In your Google Cloud project, navigate to APIs & Services > Credentials. Click on the iOS OAuth Client you created. Copy the iOS URL Scheme.

Update the values in your app.json file:

{
  ...
    [
      "@react-native-google-signin/google-signin",
      {
        "iosUrlScheme": '*****'
      }
    ]
  ...
}

Enable Google Provider

• Go to your Supabase Dashboard
• Navigate to Authentication → Providers
• Enable the Google provider

• Set the Bundle ID to match your App ID (e.g. com.expolaunch.app)

Update Redirect URLs

• Add your app’s redirect URIs under Authorized Redirect URIs
• Example: https://your-app.com/auth/callback

Test Your Setup

• If you're using a simulator, make sure it supports iOS 13 or later (required for Sign In with Apple).

• If you have a device, you can test the authentication flow more accurately.