Google Releases Guide On Setting Up OAuth 2.0 Flows

This guide helps you set up OAuth 2.0 in supported user-agents. It informs you how to enable sign-in on your framework-based apps and how to test for compatibility.

Recently, Google announced the release of a guide to help developers set up OAuth 2.0 in supported user-agents. The guide will inform you how to enable sign-in on your framework-based apps and how to test for compatibility.
 
Google announced that all embedded frameworks will be blocked starting on January 4th, 2021 to protect users from "man-in-the-middle" attacks.
 
The search giant recommends using browser-based OAuth 2.0 flows for app developers that use CEF or other clients for authorization on devices. And, for limited-input device applications like applications that do not have access to a browser or have limited input capabilities, the company recommends using limited-input device OAuth 2.0 flows.
 
If you currently use CEF for sign-in, you should be aware that support for this type of authentication ends on January 4, 2021. To check whether you'll be affected by the change, you can test your application for compatibility. In order to test your application, you will need to add a specific HTTP header and value to disable the allowlist. Firstly go to where you send requests to accounts.google.com, and the add Google-Accounts-Check-OAuth-Login:true to your HTTP request headers.
 
 
 Source: Google
 
For additional details, you can visit the official announcement here.