GoogleProvider class

Prebuilt OAuth2Provider for Google Sign-In.

Implements the Google OAuth 2.0 Authorization Code flow with PKCE, targeting the https://accounts.google.com/o/oauth2/v2/auth endpoint. Requesting access_type: offline and prompt: consent ensures Google returns a refresh token on every consent, enabling silent session renewal.

Setup

Create an OAuth 2.0 client ID in the Google Cloud Console. Choose iOS or Android (for mobile) or Web (for web / desktop).
Construct a GoogleProvider with your clientId:

final googleProvider = GoogleProvider(clientId: 'YOUR_CLIENT_ID');

final client = AuthyraClient(
  providers: [googleProvider],
  storage: SecureAuthStorage(),
);

// Deep-link handler (package:app_links or equivalent):
OAuth2CallbackHandler.registerProvider(
  'com.googleusercontent.apps.YOUR_CLIENT_ID', // reverse client ID
  googleProvider,
);
AppLinks().uriLinkStream.listen(OAuth2CallbackHandler.handleCallback);

final user = await Authyra.instance.signIn('google');
print('Hello, ${user.name}!');

Scopes

The default scopes are ['openid', 'email', 'profile']. Pass additional scopes at construction if your app needs more data (e.g., 'https://www.googleapis.com/auth/calendar'):

GoogleProvider(
  clientId: 'YOUR_CLIENT_ID',
  scopes: ['openid', 'email', 'profile', 'https://www.googleapis.com/auth/calendar'],
)

Redirect URI

For native apps the redirect URI defaults to the reverse client ID scheme: com.googleusercontent.apps.<clientId>:/oauth2redirect. Override redirectUri if your app uses a different scheme.

User fields extracted

AuthUser field	Google claim
`id`	`sub`
`email`	`email`
`name`	`name`
`avatarUrl`	`picture`
`metadata`	`email_verified`, `locale`, `given_name`, `family_name`, `hd`

Constructors

GoogleProvider({required String clientId, String? clientSecret, String? redirectUri, List<String> scopes = const ['openid', 'email', 'profile']}): Creates a GoogleProvider.

Properties

config → OAuth2Config: The configuration describing endpoints, credentials, and scopes.
finalinherited
hashCode → int: The hash code for this object.
no setterinherited
id → String: Unique identifier for this provider.
no setteroverride
name → String: Human-readable display name for this provider.
no setterinherited
runtimeType → Type: A representation of the runtime type of the object.
no setterinherited
supportsRefresh → bool: Always true — OAuth2 providers return refresh tokens that enable silent session renewal via refreshToken.
no setterinherited
supportsSignOut → bool: false by default — most providers do not require explicit revocation.
no setterinherited
type → AuthProviderType: The authentication strategy implemented by this provider.
no setterinherited

Methods

handleRedirectCallback(Uri uri) → void: Resolves the pending signIn call with the redirect callback parameters.
inherited
logDebug(String message, [dynamic data]) → void: inherited
logError(String message, [dynamic error, StackTrace? stackTrace]) → void: inherited
logInfo(String message, [dynamic data]) → void: inherited
logWarning(String message, [dynamic data]) → void: inherited
noSuchMethod(Invocation invocation) → dynamic: Invoked when a nonexistent method or property is accessed.
inherited
refreshToken(String refreshToken) → Future<AuthTokenResult?>: Exchanges refreshToken for a fresh access token.
inherited
signIn({Map<String, dynamic>? params}) → Future<AuthSignInResult?>: Executes the full OAuth 2.0 Authorization Code flow.
inherited
signOut({String? userId}) → Future<void>: No-op by default — most OAuth providers do not require an explicit revocation call for mobile / SPA clients.
inherited
toString() → String: A string representation of this object.
inherited

Operators

operator ==(Object other) → bool: The equality operator.
inherited