Should I use GoogleAuthUtil.getToken(…) or not?

Question

Background:

I need to authenticate on my server back-end so I know the client is genuine. In my Android game I connect to Games.API via

Answer 1

Firstly, I should not use GoogleAuthUtil.getToken(...). It's deprecated; end of.

To achieve what I want I found the following works perfectly... whether it's the best way I have no idea.

First, sign in using Auth.GOOGLE_SIGN_IN:

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(
                                          GoogleSignInOptions.DEFAULT_SIGN_IN)
    .requestEmail()
    .requestIdToken("YOUR-SERVER-CLIENT-ID")
    .build();

mGoogleApiClientForSignIn = new GoogleApiClient.Builder(mActivity, this, this)
    .addApi(Auth.GOOGLE_SIGN_IN_API, gso)
    .build();

mGoogleApiClientForSignIn.connect();

On success this will eventually call onConnected(...) from where you can negotiate a second sign in to Games.API. This has to be performed separately on a new GoogleApiClient because you can't mix Games.API and Auth.GOOGLE_SIGN_IN:

mGoogleApiClientForGames = new GoogleApiClient.Builder(mActivity, this, this)
    .addApi(Games.API).addScope(Games.SCOPE_GAMES)
    .addApi(Drive.API).addScope(Drive.SCOPE_APPFOLDER)
    .build();

mGoogleApiClientForGames.connect();

As per the new Play Games Permissions update for 2016, the GoogleSignIn only appears once per game (even between devices !), after which the user is not presented with any visual log in screens for GoogleSignIn. The only visual login will be the Saved Games snapshot selection screen.

This works with Android 2.3 (use google-play-services r28) and without deprecation warnings. Huzzah !