aws-amplify · BillBunting · Feb 2, 2025
@@ -1,65 +1,32 @@
 /*
- * GIDAuthentication.h
- * Google Sign-In iOS SDK
+ * Copyright 2022 Google LLC
  *
- * Copyright 2014 Google Inc.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- * Use of this SDK is subject to the Google APIs Terms of Service:
- * https://developers.google.com/terms/
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  */
 
 #import <Foundation/Foundation.h>
 
-@protocol GTMFetcherAuthorizationProtocol;
-@class GIDAuthentication;
-
-/// The callback block that takes a `GIDAuthentication`, or an error if attempt
-/// to refresh was unsuccessful.
-typedef void (^GIDAuthenticationHandler)(GIDAuthentication *authentication, NSError *error);
+@class OIDAuthState;
 
-/// The callback block that takes an access token, or an error if attempt to refresh was
-/// unsuccessful.
-typedef void (^GIDAccessTokenHandler)(NSString *accessToken, NSError *error);
+NS_ASSUME_NONNULL_BEGIN
 
-/// This class represents the OAuth 2.0 entities needed for sign-in.
+// Internal class for GIDGoogleUser NSCoding backward compatibility.
 @interface GIDAuthentication : NSObject <NSSecureCoding>
 
-/// The client ID associated with the authentication.
-@property(nonatomic, readonly) NSString *clientID;
-
-/// The OAuth2 access token to access Google services.
-@property(nonatomic, readonly) NSString *accessToken;
-
-/// The estimated expiration date of the access token.
-@property(nonatomic, readonly) NSDate *accessTokenExpirationDate;
-
-/// The OAuth2 refresh token to exchange for new access tokens.
-@property(nonatomic, readonly) NSString *refreshToken;
+@property(nonatomic) OIDAuthState* authState;
 
-/// An OpenID Connect ID token that identifies the user. Send this token to your server to
-/// authenticate the user there. For more information on this topic, see
-/// https://developers.google.com/identity/sign-in/ios/backend-auth
-@property(nonatomic, readonly) NSString *idToken;
-
-/// The estimated expiration date of the ID token.
-@property(nonatomic, readonly) NSDate *idTokenExpirationDate;
-
-/// Gets a new authorizer for `GTLService`, `GTMSessionFetcher`, or `GTMHTTPFetcher`.
-///
-/// @return A new authorizer
-- (id<GTMFetcherAuthorizationProtocol>)fetcherAuthorizer;
-
-/// Get a valid access token and a valid ID token, refreshing them first if they have expired or are
-/// about to expire.
-///
-/// @param handler A callback block that takes a `GIDAuthentication`, or an
-///                error if attempt to refresh was unsuccessful.
-- (void)getTokensWithHandler:(GIDAuthenticationHandler)handler;
-
-/// Refreshes the access token and the ID token using the refresh token.
-///
-/// @param handler A callback block that takes a `GIDAuthentication`, or an
-///                error if attempt to refresh was unsuccessful.
-- (void)refreshTokensWithHandler:(GIDAuthenticationHandler)handler;
+- (instancetype)initWithAuthState:(OIDAuthState *)authState;
 
 @end
+
+NS_ASSUME_NONNULL_END
@@ -0,0 +1,77 @@
+/*
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#import <Foundation/Foundation.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+/// This class represents the client configuration provided by the developer.
+@interface GIDConfiguration : NSObject <NSCopying, NSSecureCoding>
+
+/// The client ID of the app from the Google Cloud Console.
+@property(nonatomic, readonly) NSString *clientID;
+
+/// The client ID of the home server.  This will be returned as the `audience` property of the
+/// OpenID Connect ID token.  For more info on the ID token:
+/// https://developers.google.com/identity/sign-in/ios/backend-auth
+@property(nonatomic, readonly, nullable) NSString *serverClientID;
+
+/// The Google Apps domain to which users must belong to sign in.  To verify, check
+/// `GIDGoogleUser`'s `hostedDomain` property.
+@property(nonatomic, readonly, nullable) NSString *hostedDomain;
+
+/// The OpenID2 realm of the home server. This allows Google to include the user's OpenID
+/// Identifier in the OpenID Connect ID token.
+@property(nonatomic, readonly, nullable) NSString *openIDRealm;
+
+/// Unavailable.  Please use `initWithClientID:` or one of the other initializers below.
+/// :nodoc:
++ (instancetype)new NS_UNAVAILABLE;
+
+/// Unavailable.  Please use `initWithClientID:` or one of the other initializers below.
+/// :nodoc:
+- (instancetype)init NS_UNAVAILABLE;
+
+/// Initialize a `GIDConfiguration` object with a client ID.
+///
+/// @param clientID The client ID of the app.
+/// @return An initialized `GIDConfiguration` instance.
+- (instancetype)initWithClientID:(NSString *)clientID;
+
+/// Initialize a `GIDConfiguration` object with a client ID and server client ID.
+///
+/// @param clientID The client ID of the app.
+/// @param serverClientID The server's client ID.
+/// @return An initialized `GIDConfiguration` instance.
+- (instancetype)initWithClientID:(NSString *)clientID
+                  serverClientID:(nullable NSString *)serverClientID;
+
+/// Initialize a `GIDConfiguration` object by specifying all available properties.
+///
+/// @param clientID The client ID of the app.
+/// @param serverClientID The server's client ID.
+/// @param hostedDomain The Google Apps domain to be used.
+/// @param openIDRealm The OpenID realm to be used.
+/// @return An initialized `GIDConfiguration` instance.
+- (instancetype)initWithClientID:(NSString *)clientID
+                  serverClientID:(nullable NSString *)serverClientID
+                    hostedDomain:(nullable NSString *)hostedDomain
+                     openIDRealm:(nullable NSString *)openIDRealm NS_DESIGNATED_INITIALIZER;
+
+@end
+
+NS_ASSUME_NONNULL_END
+
@@ -1,39 +1,114 @@
 /*
- * GIDGoogleUser.h
- * Google Sign-In iOS SDK
+ * Copyright 2022 Google LLC
  *
- * Copyright 2014 Google Inc.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- * Use of this SDK is subject to the Google APIs Terms of Service:
- * https://developers.google.com/terms/
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  */
 
 #import <Foundation/Foundation.h>
+#import <TargetConditionals.h>
+
+#if __has_include(<UIKit/UIKit.h>)
+#import <UIKit/UIKit.h>
+#elif __has_include(<AppKit/AppKit.h>)
+#import <AppKit/AppKit.h>
+#endif
 
-@class GIDAuthentication;
+
+@class GIDConfiguration;
+@class GIDSignInResult;
+@class GIDToken;
 @class GIDProfileData;
 
-/// This class represents a user account.
+NS_ASSUME_NONNULL_BEGIN
+
+/// This class represents a signed-in user.
 @interface GIDGoogleUser : NSObject <NSSecureCoding>
 
 /// The Google user ID.
-@property(nonatomic, readonly) NSString *userID;
+@property(nonatomic, readonly, nullable) NSString *userID;
+
+/// The basic profile data for the user.
+@property(nonatomic, readonly, nullable) GIDProfileData *profile;
+
+/// The OAuth2 scopes granted to the app in an array of `NSString`.
+@property(nonatomic, readonly, nullable) NSArray<NSString *> *grantedScopes;
+
+/// The configuration that was used to sign in this user.
+@property(nonatomic, readonly) GIDConfiguration *configuration;
 
-/// Representation of the Basic profile data. It is only available if
-/// `GIDSignIn.shouldFetchBasicProfile` is set and either `-[GIDSignIn signIn]` or
-/// `-[GIDSignIn restorePreviousSignIn]` has been completed successfully.
-@property(nonatomic, readonly) GIDProfileData *profile;
+/// The OAuth2 access token to access Google services.
+@property(nonatomic, readonly) GIDToken *accessToken;
 
-/// The authentication object for the user.
-@property(nonatomic, readonly) GIDAuthentication *authentication;
+/// The OAuth2 refresh token to exchange for new access tokens.
+@property(nonatomic, readonly) GIDToken *refreshToken;
 
-/// The API scopes granted to the app in an array of `NSString`.
-@property(nonatomic, readonly) NSArray *grantedScopes;
+/// The OpenID Connect ID token that identifies the user.
+///
+/// Send this token to your server to authenticate the user there. For more information on this topic,
+/// see https://developers.google.com/identity/sign-in/ios/backend-auth.
+@property(nonatomic, readonly, nullable) GIDToken *idToken;
 
-/// For Google Apps hosted accounts, the domain of the user.
-@property(nonatomic, readonly) NSString *hostedDomain;
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wdeprecated-declarations"
+/// The authorizer for use with `GTLRService`, `GTMSessionFetcher`, or `GTMHTTPFetcher`.
+// @property(nonatomic, readonly) id<GTMFetcherAuthorizationProtocol> fetcherAuthorizer;
+#pragma clang diagnostic pop
 
-/// An OAuth2 authorization code for the home server.
-@property(nonatomic, readonly) NSString *serverAuthCode;
+/// Refresh the user's access and ID tokens if they have expired or are about to expire.
+///
+/// @param completion A completion block that takes a `GIDGoogleUser` or an error if the attempt to
+///     refresh tokens was unsuccessful.  The block will be called asynchronously on the main queue.
+- (void)refreshTokensIfNeededWithCompletion:(void (^)(GIDGoogleUser *_Nullable user,
+                                                      NSError *_Nullable error))completion;
+
+#if TARGET_OS_IOS || TARGET_OS_MACCATALYST
+
+/// Starts an interactive consent flow on iOS to add new scopes to the user's `grantedScopes`.
+///
+/// The completion will be called at the end of this process.  If successful, a `GIDSignInResult`
+/// instance will be returned reflecting the new scopes and saved sign-in state will be updated.
+///
+/// @param scopes The scopes to ask the user to consent to.
+/// @param presentingViewController The view controller used to present `SFSafariViewController` on
+///     iOS 9 and 10 and to supply `presentationContextProvider` for `ASWebAuthenticationSession` on
+///     iOS 13+.
+/// @param completion The optional block that is called on completion.  This block will be called
+///     asynchronously on the main queue.
+- (void)addScopes:(NSArray<NSString *> *)scopes
+    presentingViewController:(UIViewController *)presentingViewController
+                  completion:(nullable void (^)(GIDSignInResult *_Nullable signInResult,
+                                                NSError *_Nullable error))completion
+    NS_EXTENSION_UNAVAILABLE("The add scopes flow is not supported in App Extensions.");
+
+#elif TARGET_OS_OSX
+
+/// Starts an interactive consent flow on macOS to add new scopes to the user's `grantedScopes`.
+///
+/// The completion will be called at the end of this process.  If successful, a `GIDSignInResult`
+/// instance will be returned reflecting the new scopes and saved sign-in state will be updated.
+///
+/// @param scopes An array of scopes to ask the user to consent to.
+/// @param presentingWindow The window used to supply `presentationContextProvider` for
+///     `ASWebAuthenticationSession`.
+/// @param completion The optional block that is called on completion.  This block will be called
+///     asynchronously on the main queue.
+- (void)addScopes:(NSArray<NSString *> *)scopes
+    presentingWindow:(NSWindow *)presentingWindow
+          completion:(nullable void (^)(GIDSignInResult *_Nullable signInResult,
+                                        NSError *_Nullable error))completion;
+
+#endif
 
 @end
+
+NS_ASSUME_NONNULL_END
@@ -1,15 +1,26 @@
 /*
- * GIDSignInButton.h
- * Google Sign-In iOS SDK
+ * Copyright 2021 Google LLC
  *
- * Copyright 2012 Google Inc.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
  *
- * Use of this SDK is subject to the Google APIs Terms of Service:
- * https://developers.google.com/terms/
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  */
+#import <TargetConditionals.h>
+
+#if TARGET_OS_IOS || TARGET_OS_MACCATALYST
 
 #import <UIKit/UIKit.h>
 
+NS_ASSUME_NONNULL_BEGIN
+
 /// The layout styles supported by the `GIDSignInButton`.
 ///
 /// The minimum size of the button depends on the language used for text.
@@ -31,11 +42,11 @@ typedef NS_ENUM(NSInteger, GIDSignInButtonColorScheme) {
 
 /// This class provides the "Sign in with Google" button.
 ///
-/// You can instantiate this class programmatically or from a NIB file. You
-/// should set up the `GIDSignIn` shared instance with your client ID and any
-/// additional scopes, implement the delegate methods for `GIDSignIn`, and add
-/// this button to your view hierarchy.
-@interface GIDSignInButton : UIControl
+/// You can instantiate this class programmatically or from a NIB file. You should connect this
+/// control to an `IBAction`, or something similar, that calls
+/// signInWithPresentingViewController:completion: on `GIDSignIn` and add it to your view
+/// hierarchy.
+@interface GIDSignInButton : UIControl <NSSecureCoding>
 
 /// The layout style for the sign-in button.
 /// Possible values:
@@ -51,3 +62,8 @@ typedef NS_ENUM(NSInteger, GIDSignInButtonColorScheme) {
 @property(nonatomic, assign) GIDSignInButtonColorScheme colorScheme;
 
 @end
+
+NS_ASSUME_NONNULL_END
+
+#endif
+
@@ -0,0 +1,41 @@
+/*
+* Copyright 2022 Google LLC
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*      http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#import <Foundation/Foundation.h>
+
+@class GIDGoogleUser;
+
+NS_ASSUME_NONNULL_BEGIN
+
+/// A helper object that contains the result of a successful signIn or addScopes flow.
+@interface GIDSignInResult : NSObject
+
+/// The updated `GIDGoogleUser` instance for the user who just completed the flow.
+@property(nonatomic, readonly) GIDGoogleUser *user;
+
+/// An OAuth2 authorization code for the home server.
+@property(nonatomic, readonly, nullable) NSString *serverAuthCode;
+
+/// Unsupported.
++ (instancetype)new NS_UNAVAILABLE;
+
+/// Unsupported.
+- (instancetype)init NS_UNAVAILABLE;
+
+@end
+
+NS_ASSUME_NONNULL_END
+
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#import <Foundation/Foundation.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+/// This class represents an OAuth2 or OpenID Connect token.
+@interface GIDToken : NSObject <NSSecureCoding>
+
+/// The token string.
+@property(nonatomic, copy, readonly) NSString *tokenString;
+
+/// The estimated expiration date of the token.
+@property(nonatomic, readonly, nullable) NSDate *expirationDate;
+
+/// Check if current token is equal to another one.
+///
+/// @param otherToken Another token to compare.
+- (BOOL)isEqualToToken:(GIDToken *)otherToken;
+
+/// Unavailable.
+/// :nodoc:
++ (instancetype)new NS_UNAVAILABLE;
+
+/// Unavailable.
+/// :nodoc:
+- (instancetype)init NS_UNAVAILABLE;
+
+@end
+
+NS_ASSUME_NONNULL_END
+
@@ -12,5 +12,8 @@
 #import "GIDProfileData.h"
 #import "GIDSignIn.h"
 #import "GIDSignInButton.h"
+#import "GIDConfiguration.h"
+#import "GIDToken.h"
+#import "GIDSignInResult.h"
 
 #endif
@@ -18,8 +18,6 @@
 
 #import "GoogleSignIn.h"
 
-static NSString *const AWSGoogleSignInProviderClientScope = @"profile";
-static NSString *const AWSGoogleSignInProviderOIDCScope = @"openid";
 static NSTimeInterval const AWSGoogleSignInProviderTokenRefreshBuffer = 10 * 60;
 static int64_t const AWSGoogleSignInProviderTokenRefreshTimeout = 60 * NSEC_PER_SEC;
 
@@ -31,7 +29,7 @@ - (void)completeLogin;
 
 @end
 
-@interface AWSGoogleSignInProvider() <GIDSignInDelegate>
+@interface AWSGoogleSignInProvider()
 
 @property (atomic, strong) AWSTaskCompletionSource *taskCompletionSource;
 @property (nonatomic, strong) dispatch_semaphore_t semaphore;
@@ -61,7 +59,6 @@ + (instancetype)sharedInstance {
         AWSServiceInfo *serviceInfo = [[AWSInfo defaultAWSInfo] defaultServiceInfo:AWSInfoIdentityManager];
         googleClientID = [[serviceInfo.infoDictionary objectForKey:AWSInfoGoogleIdentifierLegacy] objectForKey:AWSInfoGoogleClientIdLegacy];
     }
-
 
     if (!googleClientID) {
         @throw [NSException exceptionWithName:NSInternalInconsistencyException
@@ -73,38 +70,35 @@ + (instancetype)sharedInstance {
     static dispatch_once_t onceToken;
     dispatch_once(&onceToken, ^{
         _sharedInstance = [[AWSGoogleSignInProvider alloc] initWithGoogleClientID:googleClientID];
-        if ([_sharedInstance isConfigurationKeyPresent]) {
-            [_sharedInstance setScopes:[_sharedInstance getPermissionsFromConfig]];
-        }
     });
 
     return _sharedInstance;
 }
 
 - (instancetype)initWithGoogleClientID:(NSString *)googleClientID {
+
     if (self = [super init]) {
         _semaphore = dispatch_semaphore_create(0);
 
         NSOperationQueue *operationQueue = [NSOperationQueue new];
         _executor = [AWSExecutor executorWithOperationQueue:operationQueue];
 
         _signInViewController = nil;
-
         _signInClient = [NSClassFromString(@"GIDSignIn") sharedInstance];
-        self.signInClient.delegate = self;
-        self.signInClient.clientID = googleClientID;
-        self.signInClient.scopes = @[AWSGoogleSignInProviderClientScope, AWSGoogleSignInProviderOIDCScope];
+
+        Class GIDConfigurationClass = NSClassFromString(@"GIDConfiguration");
+        SEL initializerSelector = @selector(initWithClientID:serverClientID:);
+        GIDConfiguration *config = [[GIDConfigurationClass alloc] performSelector:initializerSelector withObject:googleClientID];
+        self.signInClient.configuration = config;
+
+        [self.signInClient configureWithCompletion:nil];
     }
 
     return self;
 }
 
 #pragma mark - Hub user interface
 
-- (void)setScopes:(NSArray *)scopes {
-    self.signInClient.scopes = scopes;
-}
-
 - (void)setViewControllerForGoogleSignIn:(UIViewController *)signInViewController {
     self.signInViewController = signInViewController;
 }
@@ -130,8 +124,8 @@ - (NSString *)identityProviderName {
     AWSTask *task = [AWSTask taskWithResult:nil];
     return [task continueWithExecutor:self.executor withBlock:^id _Nullable(AWSTask * _Nonnull task) {
 
-        NSString *idToken = self.signInClient.currentUser.authentication.idToken;
-        NSDate *idTokenExpirationDate = self.signInClient.currentUser.authentication.idTokenExpirationDate;
+        NSString *idToken = self.signInClient.currentUser.idToken.tokenString;
+        NSDate *idTokenExpirationDate = self.signInClient.currentUser.idToken.expirationDate;
 
         if (idToken
             // If the cached token expires within 10 min, tries refreshing a token.
@@ -149,16 +143,16 @@ - (NSString *)identityProviderName {
             }
         }
 
-        idToken = self.signInClient.currentUser.authentication.idToken;
-        idTokenExpirationDate = self.signInClient.currentUser.authentication.idTokenExpirationDate;
+        idToken = self.signInClient.currentUser.idToken.tokenString;
+        idTokenExpirationDate = self.signInClient.currentUser.idToken.expirationDate;
 
         if (idToken
             // If the cached token expires within 10 min, tries refreshing a token.
             && [idTokenExpirationDate compare:[NSDate dateWithTimeIntervalSinceNow:AWSGoogleSignInProviderTokenRefreshBuffer]] == NSOrderedDescending) {
             return [AWSTask taskWithResult:idToken];
         }
 
-        // `self.taskCompletionSource` is used to convert the `GIDSignInDelegate` method to a block based method.
+        // Legacy: `self.taskCompletionSource` is used to convert the `GIDSignInDelegate` method to a block based method.
         // The `token` string or an error object is returned in a block when the delegate method is called later.
         // See the `GIDSignInDelegate` section of this file.
         self.taskCompletionSource = [AWSTaskCompletionSource taskCompletionSource];
@@ -170,7 +164,19 @@ - (NSString *)identityProviderName {
 }
 
 - (void)signInSilently {
-    [self.signInClient restorePreviousSignIn];
+
+    [self.signInClient restorePreviousSignInWithCompletion:^(GIDGoogleUser * _Nullable user,
+                                                                    NSError * _Nullable error) {
+      if (error) {
+        // Show the app's signed-out state.
+          NSLog(@"Error during silent sign-on.");
+      } else {
+          NSLog(@"Success during silent sign-on.");
+          [self didSignInForUser:user withError:error];
+      }
+
+    }];
+
 }
 
 #pragma mark - AWSSignInProvider
@@ -187,17 +193,20 @@ - (void)reloadSession {
 
 - (void)login:(AWSSignInManagerCompletionBlock)completionHandler {
     self.completionHandler = completionHandler;
-    self.signInClient.presentingViewController = self.signInViewController;
-    [self.signInClient signIn];
+
+    [self.signInClient
+     signInWithPresentingViewController:self.signInViewController
+     completion:^(GIDSignInResult * _Nullable signInResult,
+                  NSError * _Nullable error) {
+        [self didSignInForUser:signInResult.user withError:error];
+    }];
 }
 
 - (void)logout {
-    [self.signInClient disconnect];
+    [self.signInClient signOut];
 }
 
-#pragma mark - GIDSignInDelegate
-
-- (void)signIn:(GIDSignIn *)signIn didSignInForUser:(GIDGoogleUser *)user withError:(NSError *)error {
+- (void) didSignInForUser:(GIDGoogleUser *)user withError:(NSError *)error {
     // `self.taskCompletionSource` is used to return `user.authentication.idToken` or `error` to the `- token` method.
     // See the `AWSIdentityProvider` section of this file.
     if (error) {
@@ -211,7 +220,7 @@ - (void)signIn:(GIDSignIn *)signIn didSignInForUser:(GIDGoogleUser *)user withEr
         }
     } else {
         if (self.taskCompletionSource) {
-            self.taskCompletionSource.result = user.authentication.idToken;
+            self.taskCompletionSource.result = user.idToken;
             self.taskCompletionSource = nil;
         }
         [self completeLoginWithToken];
@@ -229,30 +238,6 @@ - (void)completeLoginWithToken {
     [[AWSSignInManager sharedInstance] completeLogin];
 }
 
-#pragma mark - GIDSignInUIDelegate (Removed)
-
-/// These methods should never be called since GIDSignInUIDelegate no longer exists.
-/// However, we'll retain them in case there is some code path we're not aware of that
-/// invokes it.
-
-- (void)signInWillDispatch:(GIDSignIn *)signIn error:(NSError *)error {
-    AWSDDLogError(@"Error: Invoked removed GIDSignInUIDelegate method: %s", __func__);
-    if (error) {
-        AWSDDLogError(@"Error: %@", error);
-    }
-}
-
-- (void)signIn:(GIDSignIn *)signIn
-presentViewController:(UIViewController *)viewController {
-    AWSDDLogError(@"Error: Invoked removed GIDSignInUIDelegate method: %s", __func__);
-}
-
-- (void)signIn:(GIDSignIn *)signIn
-dismissViewController:(UIViewController *)viewController {
-    AWSDDLogError(@"Error: Invoked removed GIDSignInUIDelegate method: %s", __func__);
-    [viewController dismissViewControllerAnimated:YES completion:nil];
-}
-
 #pragma mark - Application delegates
 
 - (BOOL)interceptApplication:(UIApplication *)application

@@ -14,6 +14,7 @@ Pod::Spec.new do |s|
    s.requires_arc = true
    s.dependency 'AWSAuthCore', '2.40.1'
    s.dependency 'AWSCore', '2.40.1'
+   s.dependency 'GoogleSignIn', '8.0.0'
    s.source_files = 'AWSAuthSDK/Sources/AWSGoogleSignIn/*.{h,m}', 'AWSAuthSDK/Dependencies/GoogleHeaders/*.h'
    s.public_header_files = 'AWSAuthSDK/Sources/AWSGoogleSignIn/*.h'
    s.private_header_files = 'AWSAuthSDK/Dependencies/GoogleHeaders/*.h'