I have the following workflow in my application:
At this point, one of two things happens:
[I never want this behaviour] - If the user is logged into exactly one Google account (i.e. gmail, Google Apps for Domains, etc...) the user is never asked to choose which account to link. It just assumes they want to use the one they are logged into and goes upon its merry way.
[I always want this behaviour] - If the user is either not logged in to any Google accounts, or they are logged in to more than one Google account then they are asked to choose which account they'd like to proceed with.
Question: Is there a way for me to force the user to choose an account, even if the user is currently logged into a single Google account?
Code:
private def getFlow() = {
if (flow == null) {
logger.info("Using OAuth client secrets file: " + GoogleOAuthService.CLIENT_SECRETS_JSON)
clientSecrets = GoogleClientSecrets.load(JacksonFactory.getDefaultInstance(),
new InputStreamReader(getClass.getResourceAsStream(GoogleOAuthService.CLIENT_SECRETS_JSON)));
redirectUri = clientSecrets.getDetails().getRedirectUris().get(0)
flow = new GoogleAuthorizationCodeFlow.Builder(
httpTransport, JacksonFactory.getDefaultInstance(), clientSecrets, SCOPES).setDataStoreFactory(
dataStoreFactory).setAccessType("offline").setApprovalPrompt("force").build()
}
flow
}
def newAuthorizationUrl(userId: String) = {
val urlRequest = getFlow().newAuthorizationUrl()
urlRequest.setAccessType("offline")
.setRedirectUri(redirectUri).setState(userId).build()
}
I think you can add some parameter in the url to tell google to show the consent screen with the user accounts instead of assuming the default google account.
This can be done by adding prompt=select_account+consent
("+" is added as a part of url encoding) in the url.
I did not try this till now but maybe you can try.