My app is asking for permission to “Have offline access”, why?

Question

My app is asking for permission to “Have offline access”, why? It's the weirdest thing. I've done a bit of searching and haven't really found anything that's worked. I've tried using these for scopes:

https://www.googleapis.com/auth/plus.profile.emails.read 
https://www.googleapis.com/auth/plus.login

and that didn't seem to help.

Below is a screenshot and some of my code to help you see what's going on:

Some of my code:

    #import "ViewController.h"

NSString *callbakc =  @"http://localhost/";
NSString *client_id = @“CLIENT ID“;
NSString *scope = @"https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+https://www.google.com/reader/api/0/subscription";
NSString *secret = @“SECRET”;
NSString *visibleactions = @"http://schemas.google.com/AddActivity";

@interface ViewController () {
NSString *authAccessToken;
UIAlertController *alertController;
}

@property (strong, nonatomic) NSMutableData *receivedData;
@property (weak, nonatomic) IBOutlet UIWebView *webView;

@end

@implementation ViewController

#pragma mark - Lifecycle

- (void)viewDidLoad {
[super viewDidLoad];


NSString *url = [NSString stringWithFormat:@"https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=%@&redirect_uri=%@&scope=%@&data-requestvisibleactions=%@",client_id,callbakc,scope,visibleactions];

NSURLRequest *request = [NSURLRequest requestWithURL:[NSURL URLWithString:url] cachePolicy:NSURLRequestReloadIgnoringLocalAndRemoteCacheData timeoutInterval:10];

[_webView loadRequest:request];
}



#pragma mark - WebView Delegate

- (BOOL)webView:(UIWebView*)webView shouldStartLoadWithRequest:(NSURLRequest*)request navigationType:(UIWebViewNavigationType)navigationType {

[self performSelector:@selector(progressDelay:) withObject:nil afterDelay:0.0];
if ([[[request URL] host] isEqualToString:@"localhost"]) {

    // Extract oauth_verifier from URL query
    NSString* verifier = nil;
    NSArray* urlParams = [[[request URL] query] componentsSeparatedByString:@"&"];
    for (NSString* param in urlParams) {
        if (![param isEqualToString:@"error=access_denied"]) {
            NSArray* keyValue = [param componentsSeparatedByString:@"="];
            NSString* key = [keyValue objectAtIndex:0];
            if ([key isEqualToString:@"code"]) {
                verifier = [keyValue objectAtIndex:1];
//                    NSLog(@"verifier %@",verifier);
                break;
            }
        }
        else {
            [self.navigationController popViewControllerAnimated:NO];
        }
    }

    if (!verifier==0) {
        [self showAlertViewWithTitle:@"" message:@"Please wait" okAction:NO];

        NSString *data = [NSString stringWithFormat:@"code=%@&client_id=%@&client_secret=%@&redirect_uri=%@&grant_type=authorization_code", verifier,client_id,secret,callbakc];
        NSString *url = [NSString stringWithFormat:@"https://accounts.google.com/o/oauth2/token"];
        NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:[NSURL URLWithString:url]];
        [request setHTTPMethod:@"POST"];
        [request setHTTPBody:[data dataUsingEncoding:NSUTF8StringEncoding]];

        [request setHTTPShouldHandleCookies:NO];

        NSURLConnection *theConnection = [[NSURLConnection alloc] initWithRequest:request delegate:self];
        NSLog(@"Connection: %@", theConnection);

        self.receivedData = [[NSMutableData alloc] init];
    }
    else {
        // cancel button click
        NSLog(@"not Verified!!");
    }

    return NO;
}
return YES;
}

- (void)webViewDidStartLoad:(UIWebView *)webView {
// show progress
}

- (void)webViewDidFinishLoad:(UIWebView *)webView {
[alertController dismissViewControllerAnimated:YES completion:nil];
}

- (void)webView:(UIWebView *)webView didFailLoadWithError:(NSError *)error {

if (error.code==102) //Frame load interrupted
    return;

[alertController dismissViewControllerAnimated:YES completion:nil];
[self showAlertViewWithTitle:@"Error" message:[error localizedDescription] okAction:YES];
}

#pragma mark - NSURLConnection Delegate

- (void)connection:(NSURLConnection *)connection didReceiveData:(NSData *)data {
[self.receivedData appendData:data];
}

- (void)connection:(NSURLConnection *)connection didFailWithError:(NSError *)error{
[self showAlertViewWithTitle:@"Error" message:[NSString stringWithFormat:@"%@", error] okAction:YES];
}

- (void)connectionDidFinishLoading:(NSURLConnection *)connection {

NSString *response = [[NSString alloc] initWithData:self.receivedData encoding:NSUTF8StringEncoding];

NSData *data = [response dataUsingEncoding:NSUTF8StringEncoding];
NSDictionary *tokenData = [NSJSONSerialization JSONObjectWithData:data options:0 error:nil];

if ([tokenData objectForKey:@"access_token"]) {
    authAccessToken = [tokenData objectForKey:@"access_token"];
    [self getUserInfo:authAccessToken];
}
else {
    [alertController dismissViewControllerAnimated:YES completion:nil];
    NSLog(@"RESULT: %@", tokenData);
    [self showAlertViewWithTitle:[tokenData objectForKey:@"name"] message:[NSString stringWithFormat:@"%@", tokenData] okAction:YES];

    // Flush all cached data
    [[NSURLCache sharedURLCache] removeAllCachedResponses];
}

}

#pragma mark - Private Method Implementation

-(void)getUserInfo:(NSString *)token {
NSString *url = [NSString stringWithFormat:@"https://www.googleapis.com/oauth2/v1/userinfo?access_token=%@",token];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:[NSURL URLWithString:url]];
[request setHTTPMethod:@"GET"];
[request setHTTPShouldHandleCookies:NO];

NSURLConnection *theConnection=[[NSURLConnection alloc] initWithRequest:request delegate:self];
NSLog(@"Connection: %@", theConnection);

self.receivedData = [[NSMutableData alloc] init];

}

-(void)progressDelay:(id)sender {
// Dismiss progress
}


@end

Any help would be greatly appreciated!

Thank you

Answer 1

This is from https://stackoverflow.com/questions/32210920/why-is-my-app-asking-for-permission-to-have-offline-access?answertab=oldest#tab-top:

This is normal behavior and occurs when the user has granted permission already.

Basically, no need to worry about it unless you really don't want that showing up, in that case, you need to un auth the users old token before requesting a new one.

I'm not exactly sure how because I haven't done this before, but before you authorize a new token you need to un-authorize the old one.

You'll need to modify the -(void)getUserInfo:(NSString *)token method.

Answer 2

For some reason unknown to me. The email scope pops up with

Have offline access

If you want to remove the have offline access remove the email scope. Personally I think it is miss leading to users that you are asking for email access yet are prompted for offline access. Technically speaking all OAuth2 that returns a refresh token gives offline access so the user should always be told that you are getting offline access but it doesnt.