OAuth Authorization Fails with 'Access Blocked – This request is blocked by Google policy'

[skhetripal]

Hi
I'm integrating SMART on FHIR in an iOS app using the Swift-SMART client to authenticate with a MEDITECH EHR system. When attempting to authorize using the SMART client, the following error is returned:

"Access Blocked – This request is blocked by Google policy"

Context:

• MEDITECH uses Google OAuth 2.0 as its identity provider.
• The current implementation of the SMART client uses a WKWebView to present the authorization flow.
• Google, following OAuth 2.0 best practices, blocks authentication requests from embedded web views such as WKWebView for security reasons.

Problem-
Since the authentication flow is initiated inside a WKWebView, Google blocks the login attempt, making it impossible to proceed with OAuth authorization.

[skhetripal]

@drdavec @xmlmodeling Could you please look at once on this?
Thanks

[dogversioning]

@skhetripal while I don't believe anyone is actively supporting this repository right now, if you (or anyone else) want to take a swing at addressing this, someone from the Cumulus team can review PRs and cut releases.