Category Archives: Google Developers Blog

News and insights on Google platforms, tools and events

Making Google OAuth interactions safer by using more secure OAuth flows

Posted by Vikrant Rana, Product Manager and Badi Azad, Group Product Manager, Google

At Google, we constantly strive to provide safer ways for users to sign-in and share their Google account data with third-party applications. In the spirit of that work, we will be rolling out a set of protections against phishing and app impersonation attacks during the OAuth interactions.

The Google sign-in and authorization flows are powered by the Google OAuth platform and over the years we have developed and supported a number of ways for app developers to integrate with supported OAuth flows. With the goal of keeping users safer online, we will end support for two legacy flows and will require developers to migrate to alternative implementation methods that offer greater protections.

To ensure a smooth transition and avoid any service interruption we will give ample time to implement and meet the compliance dates which are specified below. We will share further updates on this rollout via email so please make sure your support email address is up to date in project settings on the Google API console.

Loopback IP address flow will be disallowed for native iOS, Android and Chrome OAuth client types

The Loopback IP address flow is vulnerable to man in the middle attack where a malicious app, accessing the same loopback interface on some operating systems, may intercept the OAuth response and gain access to the authorization code. We intend to remove this threat vector by disallowing this flow for iOS, Android and Chrome app OAuth client types. The existing clients will be able to migrate to more secure implementation methods. New clients will be unable to use this flow starting on March 14, 2022.

What do I need to do

Determine if your app is using the Loopback IP address flow

You can inspect your app code or the outgoing network call (in case your app is using an OAuth library) to determine if the Google OAuth authorization request your app is making has the following values for “redirect_uri” parameter.

redirect_uri=http://127.0.0.1:port or http://[::1]:port">http://[::1]:port or

http://localhost:port

Migrate to an alternative flow

If your app is using the Loopback IP address method you need to migrate to another method which is more secure by default. Please consider the following alternative methods for migration.

iOS clients: Google Sign-In for iOS SDK
Android clients: Google Sign-In for Android SDK
Chrome clients: Chrome Identity API

Key dates for compliance

Mar 14, 2022 - new OAuth usage will be blocked for the Loopback IP address flow
Aug 1, 2022 - a user-facing warning message may be displayed to non-compliant OAuth requests one month before the compliance date
Aug 31, 2022 - the Loopback IP address flow is blocked for existing clients

OAuth out-of-band (oob) flow will be deprecated

OAuth out-of-band (OOB) is a legacy flow developed to support native clients which do not have a redirect URI like web apps to accept the credentials after a user approves an OAuth consent request. The OOB flow poses a remote phishing risk and clients must migrate to an alternative method to protect against this vulnerability. New clients will be unable to use this flow starting on Feb 28, 2022.

What do I need to do

Determine if your app is using the OOB flow

redirect_uri=urn:ietf:wg:oauth:2.0:oob or urn:ietf:wg:oauth:2.0:oob:auto or oob

Migrate to an alternative flow

If your app is using the OOB method you need to migrate to another method which is more secure by default. Please consider the following alternative methods for migration.

iOS clients: Google Sign-In for iOS SDK
Android clients: Google Sign-In for Android SDK
Chrome clients: Chrome Identity API
Desktop clients: OAuth 2.0 for Desktop apps

Key dates for compliance

Feb 28, 2022 - new OAuth usage will be blocked for the OOB flow
Sep 5, 2022 - a user-facing warning message may be displayed to non-compliant OAuth requests
Oct 3, 2022 - the OOB flow is deprecated for existing clients

User-facing warning message

A user-facing warning message may be displayed for non-compliant requests one month before the aforementioned OAuth methods are due to be blocked. The message will convey to the users that the app may be blocked soon while displaying the support email that you have registered in the OAuth consent screen in Google API Console.

[Sample user-facing warning]

The developers can acknowledge the user-facing warning message and suppress it by passing a query parameter in the authorization call as shown below.

Go to the code in your app where you send requests to Google's OAuth 2.0 Authorization Endpoint.
Add a parameter with a value of the enforcement date

For OOB: Add an ack_oob_shutdown parameter with a value of the enforcement date: 2022-10-03. Example: ack_oob_shutdown=2022-10-03
For Loopback IP address: Add an ack_loopback_shutdown parameter with a value of the enforcement date: 2022-08-31. Example: ack_loopback_shutdown=2022-08-31

User-facing error message

If an app is not updated to meet compliance by the required date the authorization requests will be blocked and users may encounter an invalid request error screen (sample shown below).

[Sample user-facing error]

Source: Google Developers Blog

Making Google OAuth interactions safer by using more secure OAuth flows

Posted by Vikrant Rana, Product Manager and Badi Azad, Group Product Manager, Google

Loopback IP address flow will be disallowed for native iOS, Android and Chrome OAuth client types

What do I need to do

Determine if your app is using the Loopback IP address flow

redirect_uri=http://127.0.0.1:port or http://[::1]:port">http://[::1]:port or

http://localhost:port

Migrate to an alternative flow

If your app is using the Loopback IP address method you need to migrate to another method which is more secure by default. Please consider the following alternative methods for migration.

iOS clients: Google Sign-In for iOS SDK
Android clients: Google Sign-In for Android SDK
Chrome clients: Chrome Identity API

Key dates for compliance

Mar 14, 2022 - new OAuth usage will be blocked for the Loopback IP address flow
Aug 1, 2022 - a user-facing warning message may be displayed to non-compliant OAuth requests one month before the compliance date
Aug 31, 2022 - the Loopback IP address flow is blocked for existing clients

OAuth out-of-band (oob) flow will be deprecated

What do I need to do

Determine if your app is using the OOB flow

redirect_uri=urn:ietf:wg:oauth:2.0:oob or urn:ietf:wg:oauth:2.0:oob:auto or oob

Migrate to an alternative flow

If your app is using the OOB method you need to migrate to another method which is more secure by default. Please consider the following alternative methods for migration.

iOS clients: Google Sign-In for iOS SDK
Android clients: Google Sign-In for Android SDK
Chrome clients: Chrome Identity API
Desktop clients: OAuth 2.0 for Desktop apps

Key dates for compliance

Feb 28, 2022 - new OAuth usage will be blocked for the OOB flow
Sep 5, 2022 - a user-facing warning message may be displayed to non-compliant OAuth requests
Oct 3, 2022 - the OOB flow is deprecated for existing clients

User-facing warning message

[Sample user-facing warning]

The developers can acknowledge the user-facing warning message and suppress it by passing a query parameter in the authorization call as shown below.

Go to the code in your app where you send requests to Google's OAuth 2.0 Authorization Endpoint.
Add a parameter with a value of the enforcement date

For OOB: Add an ack_oob_shutdown parameter with a value of the enforcement date: 2022-10-03. Example: ack_oob_shutdown=2022-10-03
For Loopback IP address: Add an ack_loopback_shutdown parameter with a value of the enforcement date: 2022-08-31. Example: ack_loopback_shutdown=2022-08-31

User-facing error message

If an app is not updated to meet compliance by the required date the authorization requests will be blocked and users may encounter an invalid request error screen (sample shown below).

[Sample user-facing error]

Source: Google Developers Blog

Announcing authorization support for Google Identity Services APIs

Posted by Rohey Livne, Product Manager

Google Identity Services (GIS)

At Google, keeping users safe online is our top priority, so we continuously invest in new tools and features to keep their personal information secure.

In August 2021, we launched a new family of Identity APIs called Google Identity Services (GIS), which consolidates multiple identity offerings under one web software development kit (SDK). This SDK includes the Sign in with Google button as well as One Tap, a low-friction authentication prompt. Sign in with Google and One Tap use secure tokens, rather than passwords, to sign users into sites and apps.

Today we are announcing the addition of an authorization feature, all under the same unified Google Identity Services SDK, which further increases the value of our suite of identity solutions and makes it simpler for developers to implement.

Caption: Authorization screen with individual consent options

What's new

The updated library now provides a ‘one-stop-shop’ for developers across both authentication and authorization. Authentication enables new user sign ups and returning user sign ins, while authorization allows developers to receive an access token to call Google APIs, with the user’s consent.

To provide developers with more control, the new SDK supports a clear separation between authentication and authorization moments. This enables partners to make authentication and authorization calls as two separate and distinct flows based on the needs of the site or app.

Benefits

The new SDK uses browser-based pop-up dialogues, which reduces user friction on sites and apps, streamlines authentication and authorization flows, and increases user engagement.

In addition, the removal of automatic refresh of expired access tokens enhances the overall security of the flows, requiring an end user to explicitly refresh their session, preventing long standing tokens from being used for unintended purposes.

Furthermore, the new consolidated library reduces integration complexity minimizing development time and effort. To simplify integration even further, we provide pre-scripted easy to use code snippets that can be copied and pasted directly onto partner sites.

Users who take advantage of Google’s authentication or authorization flows benefit from Google’s leading security infrastructure, offering two factor authentication, password recovery flows, and have the peace of mind that all sites and apps with authorization enabled, have been verified by Google.

We continue to improve our solutions as part of the migration to Google Identity Services (GIS), so look out for more capabilities added throughout the year.

To take advantage of the new Google Identity Services (GIS) library, head over to Google’s Developer site and click on the ‘Get Started’ button for access to technical documentation.

Source: Google Developers Blog

Hyper-local ads targeting made easy and automated with Radium

Posted by Álvaro Lamas, Natalija Najdova

Location targeting helps your advertising to focus on finding the right customers for your business. Are you, as a digital marketer, spending a lot of time optimizing your location targeting settings for your digital marketing campaigns? Are your ads running only in locations where you can deliver your services to your users or outside as well?

Read further to find out how Radium can help automate your digital marketing campaigns location targeting and make sure you only run ads where you deliver your services.

The location targeting settings challenge

Configuring accurate location targeting settings in Marketing Platforms like Google Ads allows your ads to appear in the geographic locations that you choose: countries, cities and zip codes OR radius around a location. As a result, precise geo targeting could help increase the KPIs of your campaigns such as the return on investment (ROI), the cost per acquisition (CPA) at high volumes, etc.

Mapping your business area to the available targeting options (country, city and zip code targeting or radius targeting) in Marketing Platforms is a challenge that every business doing online marketing campaigns has faced. This challenge becomes critical if you offer a service that is only available in a certain geographical area. This is particularly relevant for Food or Grocery Delivery Apps or organizations that run similar business models.

Adjusting these location targeting settings is a time consuming process. In addition, manually translating your business or your physical stores delivery areas into geo targeting settings is also an error prone process. And not having optimal targeting options might lead to ads shown to users that you cannot really deliver your services to, so you would likely lose money and time setting location targeting manually.

How can Radium help you?

Radium is a simple Web Application, based on App Scripts, that can save you money and time. Its UI helps you automatically translate a business area into radius targeting settings, one of the three options for geo targeting in Google Ads. It also provides you with an overview of the geographical information about how well the radius targeting overlaps with your business delivery area.

It has a few extra features like merging a few areas into one and generating the optimal radius targeting settings for those.

How does it work?

You can get your app deployed and running in less than an hour following these instructions. Once you’re done, in no time you can customize and improve your radius targeting settings to better meet your needs and optimize your marketing efforts.

Per delivery area that you provide, you will be able to visualize different circles in the UI, select one from the default circles or opt in for custom circle radius settings:

Large Circle: Pre-generated circle that englobes the rectangle that surrounds the targeting area
Small Circle: Pre-generated circle contained in the rectangle that surrounds the targeting area, touching its sides
Threshold Circle: Pre-generated circle with the minimum radius to cover at least the 90% of your delivery area, to maximize targeting and minimize waste

Custom Circle: Circle which center and radius can be customized manually by drag-and-drop and using the controls of the UI

Large Circle

Small Circle

Threshold Circle

Custom Circle

Take advantage of metrics to compare between all the radius targeting options and select the best fit for your needs. In red you can see the visualization of the business targeting area and, overlapped in gray, the generated radius targeting.

Metrics:

Radius: radius of the circle, in km
% Intersection: area of the Business Targeting Area inside the circle / total Business Targeting Area size
% Waste: area of circle excluding the Business Targeting Area / total Business Targeting Area size
Circle Size: area of the circle, in km²
Intersection Size: area of the Business Targeting Area, in km²
Waste Size: area of the circle excluding the Business Targeting Area, in km²
Circle Score: % Intersection - % Waste. The highest score represent the sweet spot, maximizing the targeting area and minimizing the waste area

Once you are done optimizing the radius settings, it’s time to activate them in your marketing campaigns. Radium offers you different ways of storing and activating this output, so you can use the one that better fits your needs:

Export your data to a Spreadsheet. This will allow you to have a mapping of readable names for each delivery area and its targeting settings, to generate the campaign settings in the csv format expected by Google Ads and to bulk upload them using Google Ads Editor
Directly download the csv file that can be uploaded to Google Ads via Google Ads Editor to bulk upload the settings of your campaigns
Upload them manually using the Google Ads UI

Find all the details about how to activate your location targeting settings in this step by step guide

Getting started with Radium

There are only 2 things you need to have in order to benefit from Radium:

Very easy to generate Maps JavaScript API Key
Map of your business’ delivery areas in either format:
- KML file representing the polygon shaped targeting areas (see sample file)
- CSV file with lat-lng, radius and name of the area it belongs to, more oriented to physical stores and restaurants (see sample file)

To get you started please visit the Radium repository on Github.

Summary

So, in conclusion, Radium helps you automate the location targeting configuration and optimization for your Google Ads campaigns, saving you time and minimizing errors of manual adjustments.

Source: Google Developers Blog

Announcing Flutter for Windows

Posted by @Tim Sneath

Build high-quality Windows apps that also run on mobile and web

Since we launched Flutter, we’ve focused on delivering a cross-platform solution for beautiful, tailored apps that are compiled to machine code and take full advantage of the underlying graphics hardware of your device. Today marks a significant expansion of this vision with the first production release of support for Windows as an app target, enabling Windows developers to benefit from the same productivity and power that mobile developers have been enjoying.

Our goal with Flutter is to give you the tools you need to build a great experience, regardless of which operating system you’re building for. And so we want to bring the same core framework and tools to every place you might want to paint pixels. Flutter allows you to handcraft beautiful experiences where your brand and design come to the forefront. Flutter is fast, compiling directly to machine code; with support for stateful hot reload, you get the productivity of an interactive environment that allows you to make changes while your app is running and see the results immediately. And Flutter is open, with thousands of contributors adding to the core framework and extending it with an ecosystem of packages.

So far, we’ve seen momentum that has exceeded our expectations, with nearly half a million apps now released that use Flutter, including big apps from companies like Betterment, BMW, and ByteDance, and apps from thirty teams at Google. In 2021, Flutter became the most popular cross-platform UI toolkit, as measured by analysts like Statista and SlashData:

Our own data backs this up, with a consistent 92% of Flutter developers expressing positive satisfaction with our tools in all four quarterly surveys in 2021. To the other 8% of you, we’re listening to your feedback and want you to be happy as well!

One common survey request has been for Windows support. Today, we’re thrilled to announce the full availability of support for Windows apps for Flutter in stable builds.

Windows and Flutter

A couple of years ago, we laid out an ambitious vision for Flutter to expand from mobile apps on iOS and Android to other platforms including web and the desktop. The core of Flutter carries across platforms: from the portable, hardware-accelerated Skia graphics engine, to the Flutter rendering system; core primitives like animation, theming, text input, and internationalization; and the hundreds of widgets that Flutter offers.

But desktop apps aren’t just mobile apps running on a bigger screen. They’re designed for different input devices, such as a keyboard and mouse. They have resizable windows that often run on a widescreen monitor. There are different conventions for critical things like accessibility, input method editors, and visual styling. And they integrate with different APIs in the underlying operating system: desktop apps support everything from file system pickers to device hardware to data stores like the Windows registry.

So while we’ve brought Flutter to Windows, we’ve also tailored it for Windows.

Just as with our support for Android and iOS, the Windows implementation of Flutter combines a Dart framework and C++ engine. Windows and Flutter communicate through an embedding layer that hosts the Flutter engine and is responsible for translating and dispatching Windows messages. Flutter coordinates with Windows to paint your UI to the screen, handles events like window resizing and DPI changes, and works with existing Windows modalities for internationalization (such as input method editors).

On Windows, Flutter uses exactly the same Dart code, but takes advantage of native Windows APIs.

Your app can use every part of the Flutter framework, and on Windows, it can also talk to the Win32, COM, and Windows Runtime APIs either directly through Dart’s C interop layer, or using a platform plugin written in C++. We’ve also adapted a number of common plugins to include Windows support, including camera, file_picker, and shared_preferences. More importantly, the community has already added Windows support for a broad array of other packages, covering everything from Windows taskbar integration to serial port access.

For a fully tailored Windows UI, you can also use Flutter Favorite packages like fluent_ui and flutter_acrylic to create an app that expresses the Microsoft Fluent design system beautifully. And using the msix tool you can wrap your app in an installer that can be uploaded to the Microsoft Store on Windows.

There are already hundreds of packages that have been adapted to support Flutter apps built for Windows.

Together, this fosters creation of apps that look great on Windows, run fast on Windows, and still transfer to other desktop or mobile devices, as well as the web. Here are a few early examples that we’ve seen so far:

Some early community examples of Windows apps built with Flutter, including Harmonoid and Rows.

Microsoft and Flutter

Several teams from Microsoft have contributed to today’s announcement. In particular, we’d like to express our gratitude to the Fluent design team for their contribution of iconography for Flutter apps on Windows. Their fluentui_system_icons package has been awarded Flutter Favorite status to signify its quality.

Of course, Visual Studio Code provides a key part of the tooling experience for Flutter apps. Our Dart extension has been downloaded over 4 million times, and we’ve been grateful for their partnership and support of our feature requests to improve Flutter development using their tools.

We asked the Windows team if they’d be willing to share a few words about Flutter’s support. Here’s what Kevin Gallo, Corporate Vice President for Windows Developer Platform at Microsoft, has to say:

“We're delighted to see Flutter adding support for creating Windows apps. Windows is an open platform, and we welcome all developers. We're excited to see Flutter developers bring their experiences to Windows and also publish to the Microsoft Store. Flutter support for Windows is a big step for the community, and we can’t wait to see what you’ll bring to Windows!”

We’ve been particularly impressed with the investments Microsoft has made around accessibility for Windows, and we’re grateful for their team’s assistance to ensure Flutter has support for screen readers from day one. It’s a mistake to dismiss accessibility as a niche interest. As this diagram from Microsoft’s inclusive design toolkit illustrates, we all have reason to care about delivering experiences that adapt for different permanent, temporary, or situational needs.

The video below demonstrates how Flutter integrates with Windows Narrator. For the purposes of this video, we’ve deliberately blurred the screen to give you a sense of how important this feature is to users who need it.

An ecosystem of tools for Windows development

Our tooling partners are also adding support for Windows.

FlutterFlow, the low-code Flutter app design tool, is announcing support today for Windows and features to help developers target desktop form factors from their Flutter apps.
Realm is a super-fast local data store. The latest version, shipping today, now supports building Windows apps with Flutter, with fast access to the underlying database using Dart FFI, adding to their existing support for mobile platforms like iOS and Android.
Rive announced today an upcoming Windows version of their popular graphics tooling suite, allowing designers and developers to create interactive vector animations that can respond to code in real time using a state machine. The upcoming Windows edition of their app offers screaming fast performance and a lower memory footprint, and will be available soon in the Microsoft Store for download.
Syncfusion have updated their suite of widgets to take full advantage of Windows. If you subscribe to their toolkit, you’ll find data visualization components like treemaps and charting, a rich data grid widget, calendars and even support for PDF creation and Excel spreadsheets.
Lastly, Nevercode has updated their Codemagic CI/CD tool to support Windows, enabling you to test and build your Windows apps in the cloud and automate deployment of your app to the Windows Store.

It’s very exciting for us to see a mature ecosystem built around Flutter, and we’d encourage you to check out each of these partners as you start building Windows apps with Flutter.

Windows support arrives in Flutter 2.10

Stable, production-quality support for building Windows apps is available as part of Flutter 2.10, which releases today. Flutter 2.10 also includes many other features, performance improvements and bug fixes, which we’ll cover in more detail in a separate blog post.

In the coming months, you’ll hear more from us on completing stable support for macOS and Linux, making the full set of desktop, web, and mobile platforms available for your production Flutter apps.

In the meantime, thank you for your support of Flutter. We’re excited to see what you build for Windows!

Source: Google Developers Blog

Expanding access to Differential Privacy to create a safer online ecosystem

Posted by Miguel Guevara, Product Manager, Privacy and Data Protection Office

At Google, we believe in democratizing access to privacy technology for all. Today, on Data Privacy Day, we’re sharing updates on our effort to create free tools that help the developer community – researchers, governments, nonprofits, businesses and more – build and launch new applications for differential privacy, which can provide useful insights and services without revealing any information about individuals. We hope to push the industry forward in creating a safer ecosystem for every Internet user with products that are private by design.

Enabling more developers to use differential privacy

In 2019, we launched our open-sourced version of our foundational differential privacy library in C++, Java and Go. Our goal was to be transparent, and allow researchers to inspect our code. We received a tremendous amount of interest from developers who wanted to use the library in their own applications, including startups like Arkhn, which enabled different hospitals to learn from medical data in a privacy-preserving way, and developers in Australia that have accelerated scientific discovery through provably private data.

Since then, we have been working on various projects and new ways to make differential privacy more accessible and usable. Today, after a year of development in partnership with OpenMined, an organization of open-source developers, we are happy to announce a new milestone for our differential privacy framework: a product that allows any Python developer to process data with differential privacy.

Previously, our differential privacy library was available in three programming languages. Now, we’re making it available in Python, reaching nearly half of the developers worldwide. This means millions more developers, researchers, and companies will be able to build applications with industry leading privacy technology, enabling them to obtain insights and observe trends from their datasets while protecting and respecting the privacy of individuals.

With this new Python library, we’ve already had organizations begin experimenting with new use cases, such as showing a site’s most visited webpages on a per country basis in an aggregate and anonymized way. The library is unique as it can be used with Spark and Beam frameworks, two of the leading engines for large data processing, yielding more flexibility in its usage and implementation. We are also releasing a new differential privacy tool that allows practitioners to visualize and better tune the parameters used to produce differentially private information. Finally, we are also publishing a paper sharing the techniques that we use to efficiently scale differential privacy to datasets of a petabyte or more.

As with all open-source projects, the technology and outputs are only as strong as its community. Internally, we’ve trained a team that develops differentially private solutions, including the infrastructure behind our Mobility Reports and the popular times feature in Google Maps. Being true to our goal, we took the step of helping OpenMined build a team of experts outside of Google as well to serve as a resource for anyone interested in learning how to deploy differential privacy technologies.

Looking forward

We encourage developers around the world to take this opportunity to experiment with differential privacy use cases like statistical analysis and machine learning, but most importantly, provide us with feedback. We are excited to learn more about the applications you all can develop and the features we can provide to help along the way.

We will continue investing in democratizing access to critical privacy enhancing technologies and hope developers join us in this journey to improve usability and coverage. As we’ve said before, we believe that every Internet user in the world deserves world-class privacy, and we’ll continue partnering with organizations to further that goal.

Source: Google Developers Blog

How a student leader cultivates on-campus diversity and leadership in Australia

Posted by Matthew Ranocchiari, Developer Relations Community Manager, Australia & New Zealand

Banner image shows Milindi Kodikara smiling with text that reads How a student leader cultivates on-campus diversity and leadership in Australia

To get familiar with her local community, International student Milindi Kodikara, originally from Sri Lanka, joined almost every tech club at RMIT University in Melbourne, Australia. She immediately identified an opportunity to establish a more diverse and inclusive tech club to prepare students to work in the tech industry. Using both her instincts and passion for community building, she set out on a mission to re-establish a Google Developer Student Club (GDSC) at RMIT University.

“I applied to become the GDSC Lead at RMIT University to create a better, brighter, and stronger community where our students (regardless of age, gender, sexuality, or race) can thrive, learn new skills, and enjoy their time with new friends,” Kodikara says.

Preparing students for tech careers

After starting the club, Milindi sought the advice of Matthew Ranocchiari (Google Developer Relations Community Manager for the region) who then suggested Milindi form a team, set goals, and plan activities for the semester. Milindi assembled a team of seven students hailing from Malaysia, the Philippines, Indonesia, Bangladesh, and Sri Lanka. They brought a mix of technical and non-technical backgrounds. Each shared an eagerness to learn about technology, help other students build projects, and develop leadership skills.

“ I was looking for a team of passionate individuals to make a change at RMIT University.”

Screenshot from a Google Video Chat shows the GDSC core team at RMIT University. They are all smiling at the camera

Social media officer Chaamudi Kodikara, helped set up the club’s various channels, which currently engage 400+ students every day. Design experts Isaac (Yi Jie) Chuah, Jacqueline Ann Lim, and Andrea Gocheco; event managers Sheryl Mantik and Kowsar Rahman Sadit; and a tech expert Prottay Karim each round out the group.

Planning a “Study Jam-packed” semester

When asking students what they wanted from the new club, most students said they were seeking an opportunity to learn how to land a tech job through networking, get a sense of what tech jobs are like day-to-day, and explore various technologies. Most of all, they wanted to feel empowered. With these goals in mind, the team planned multiple events per month, including an inaugural virtual Games Night, a series of lightning talks (called Geeky Google Tech Talks), and Cloud Study Jams.

“As Cloud is already a field that is in high demand, we thought our community could benefit from learning this for their own career success,” explains Milindi.

Embracing school spirit and multiple learning opportunities

To ensure students would be prepared for workshops on Artificial Intelligence, Machine Learning, and robotics, the club held beginner-friendly programs that introduced students to the topics. They launched these in collaboration with RMIT's Society for Women in Information Technology, RMIT's Programming Club and additional partners and sponsors. The club’s HackVision hackathon, featured games, mentoring sessions, and workshops on topics such as public speaking, pitching ideas, ideation, UX/UI design, and software architecture.

With a wide variety of workshops that drew many attendees, the events and facilitators helped students with their technical queries throughout the semester. Some facilitators such as industry professional Thomas Frantz, Google Chrome Engineer, Jakub Młynarczyk, and Patrick Haralabidis of the Melbourne TensorFlow User Group stay connected with the students. Their connections and willingness to help solidifies the importance of mentorship. For example, one instructor led a machine learning workshop, while another one walked students through the complex algorithm-related questions asked during technical job interviews. Milindi herself led a live robotics demo where she programmed Nao Bots to dance to music and showed other students how to program the robots.

“These workshops helped them expand their tech skills to unexplored areas and help them feel confident at interviews. Our speakers showed students what is possible with these new technologies and machines. The time and effort spent on this event was truly rewarding seeing how much all the participants learned and experienced,” Milindi says.

Collage style image made up of images of GDSC RMIT members, memes, emojis, and graphics created by the group

Representation and professional development

Professional development remains important too, notes Milindi. “We here at GDSC RMIT have quite a diverse community, and we wanted to make sure our community was well prepared for the hardships of finding success.” She says, "as a female international student, I've had to apply to hundreds of companies when I was looking for internships, so I understand the struggle of applying for jobs, especially the frustration that comes with being rejected, in most cases, for reasons beyond your control, like visa issues.”

In this spirit, the club collaborated with RMIT's Society for Women in Information Technology to hold an event called "ROAR!” to empower female and underrepresented students. The event included an #IamRemarkable workshop with Googlers. Additionally, the club encouraged students to develop their resumes and LinkedIn profiles and offered a Personal Branding workshop, giving students multiple opportunities to showcase their talents and abilities.

Preparing a diverse student body for tech careers

Milindi expresses gratitude for having the opportunity to reinvigorate the community around RMIT University’s Google Developer Student Club. She relishes the ability to bring diverse students from many countries and gender identities together in the service of developing new skills, learning from each other, and ultimately landing jobs in the fast-growing tech industry.

"My amazing Core Team and I have given GDSC at RMIT University a new chapter and made a safe space for tech nerds of all ages, races, genders, and sexualities to feel welcome to be themselves and strive to be successful," Milindi says. "I am grateful for this fantastic opportunity to serve our community and help make the world a better place.”

For more information on this GDSC chapter visit the site here. If you’re a student and would like to join a Google Developer Student Club community, look for a chapter near you here, or visit the program page to learn more about starting one in your area.

Source: Google Developers Blog

Year in review: the Google Workspace Platform 2021

Posted by Charles Maxson, Developer Advocate

In 2021, we saw many changes and improvements to the Google Workspace Platform geared at helping developers build new solutions to keep up with the challenges of how we worked, like hybrid and fully remote office work. More than ever, we needed tools for virtual collaboration and digital processes to keep our work going. As paper processes in the office were less viable and we continued to go see digital transformations become necessary, many new custom solutions like desk reservation systems and automated test logging have evolved.

2021 was also a year for Platform milestones, Google Workspace grew to more than 3 billion users globally, we reached more than 5,300 public apps in the Google Workspace Marketplace, and we crossed over 4.8 billion apps installed (up from 1 billion in 2020)! We were also busy bringing Platform innovations and improving our developer experience to help building for Google Workspace easier and faster. Here’s a look at some of the key enhancements the Google Workspace Platform brought to the developer community.

Google Cloud Champion Innovators program

Community building is one of the most effective ways to support developers, which is why we created Google Cloud Innovators.This new community program was designed for developers and technical practitioners using Google Cloud and we welcome everyone.

And when we say everyone, it’s not just professional developers, data scientists, or student developers and hobbyists, we also mean non-technical end users. The growing Google community has something for everyone.

GWAO Alternate Runtimes goes GA

Google Workspace Add-ons are customized applications that tightly integrate with Google Workspace applications, and can be found in the Google Workspace Marketplace, or built specifically for your own domain. The development of these applications were limited to using Apps Script, our native scripting language for the Google Workspace Platform. With the launch of Alternate Runtimes you can now develop add-ons with your preferred hosting infrastructure, development tool chain, source control system, coding language, and code libraries; it was a highly requested update from the developer community, opening up the Platform to many new developer scenarios.

Card Builder UI Application

The GWAO Card Builder tool allows you to visually design the user interfaces for your Google Workspace Add-ons and Google Chat apps projects. It is a must-have for Google Workspace developers using either Apps Script or Alternate Runtimes, enabling you to prototype and design Card UIs super fast without hassle and errors of hand coding JSON or Apps Script on your own.

Card Builder tool for building Google Workspace Add-ons and Chat Apps

Recommended for Google Workspace

This program showcases a selection of market-leading applications built by software vendors across a wide range of categories, including project management, customer support, and finance in our Google Workspace Marketplace. These apps undergo rigorous usability and security testing to make sure they meet our requirements for high quality integrations. They must also have an exemplary track record of user satisfaction, reliability, and privacy.

Recommended for Google Workspace program showcases high quality applications

Chat Slash Commands and Dialogs

Slash commands simplify the way users interact with your Chat bot, offering them a visual leading way to discover and execute your bot’s primary features. As a developer, slash commands are straightforward to implement, and essential in offering a better bot experience. In addition to Slash Commands, Dialogs were a new capability introduced to the Chat App framework that allows developers to build user interfaces to capture inputs and parameters in a structured, reliable way. This was a tremendous step forward for bot usability because it simplified and streamlined the process of users interacting with bot commands. Now with dialogs, users can be led visually to supply inputs via prompts, versus having to rely on wrapping bot commands with natural language inputs.

Forms API beta

Google Forms enables easy creation and distribution of forms, surveys, and quizzes. Forms is used for a wide variety of use cases across business operations, customer management, event planning and logistics, education, and more. With the Google Forms API Beta announcement, developers were able to provide programmatic access for managing forms and acting on responses, empowering developers to build powerful integrations on top of Forms.

Google Workspace Marketplace updates

We made many updates to the Google Workspace Marketplace to improve both the user and developer experience. We added updates to the application detail page that included pricing and when the listing was last updated. The homepage also saw improvements with various curated categories by the Google team under Editor’s Choice. Finally, we launched the marketplace badges for developers to promote their published applications on websites and marketing channels. Oh, and we also had a logo update if you hadn’t noticed.

Google Workspace Marketplace Badges for application promotion

Farewell 2021 and here’s to welcoming in 2022

2021 brought us many innovations to the Google Workspace Platform to help developers address the needs of their users and it also brought more empowerment to knowledge workers to build the solutions they needed with our no-code and low-code platforms. These are just the highlights for the Google Workspace Platform and we look forward to more innovation in 2022. To keep up with all the news about the Platform, please subscribe to our newsletter.

Source: Google Developers Blog

Google Developer Group Spotlight: A conversation with software developer Aditi Soni

Posted by Manoranjan Padhy - Developer Relations Lead, India

Six years ago, Aditi Soni was new to computers and programming when she learned about Google Developer Groups (GDG) and Women Techmakers (WTM) from a senior at her university, the Shri Vaishnav Institute of Technology and Science, Indore. Then, everything changed when she joined a Google Developer Group in Indore, the largest city in Central India, which began as a 16th century trading hub.

“Initially, it was extremely overwhelming for me to be in that space, where so many accomplished professionals were present,” Aditi says of her first experiences attending GDG Indore. “I was very hesitant to go and have a conversation with them.”

But Aditi felt determined. Her friend Aditya Sharma taught her C and C++, and she practiced her programming skills on her smartphone, using tools like the C4droid Android app, because she didn’t have a laptop. By the time she got a laptop, she was off and running. Aditi began teaching herself Android development and landed an internship after her second year of college.

“I consider myself as an opportunity grabber,” Aditi writes in a post on her Medium blog. “ I never miss a single chance to become a better version of myself. I used to attend all community meetups and did not miss a single one.”

All her hard work paid off. In 2017, she became a Women Techmakers lead in Indore and took her first flight on an airplane to the WTM Leads Summit in Bangalore. The same year, she became a Microsoft Student Partner and attended Google Developer Days India. In 2018, Aditi earned the Google India Udacity Android Developers Nanodegree Scholarship, as one of the top 150 students from India, and graduated with a Bachelor’s of Engineering degree in computer science. In 2019, Women Techmakers awarded Aditi a travel grant to Madrid, Spain to attend the Firebase Summit.

Using the experience of being a woman in tech to encourage others to pursue STEM careers

Now, Aditi is a full-time software developer at Consultadd Incorporation, India, and a Women Techmakers Ambassador, and a GDG organizer for her local chapter in Pune. She contributes to the community as an organizer, speaker, and mentor.

“We organize monthly technical meetups to empower women and provide them with a platform to achieve their goals,” Aditi explains. “Being able to help others feels like I am giving it back to the community.”

Aditi says GDG and WTM have helped her develop technical skills and have also positively impacted her personal life.

“I had significant life experiences because of the Google Developer Group and Women Techmakers communities, including my first flight, my first hands-on experience with Google's trending technologies, and one-on-one interaction with Googlers and many great personalities while attending global summits,” she says. “All these things have helped me to be a person who can guide and help others and share my knowledge and experiences with hundreds of professionals today.”

Aditi describes herself as a community enthusiast, using her platform to encourage other women and students to pursue careers in technology, even if they’re brand-new to the field. She also enjoys mentoring new programmers.

“I am passionate about making an impact on others’ lives by sharing my journey and experiences and helping people face hurdles like mine with courage and confidence,” she says. “I enjoy helping people who are struggling to learn to code or who want to switch their careers to tech.”

image of Aditi presenting in a classroom

Supporting budding developers

Aditi acknowledges the adage, “Change is not easy,’’ especially when preparing for a career in technology.

“You may try very hard, give up so many times, and go through all that frustration, but remember not to quit,” she advises. “The moment you feel like quitting is the moment you need to keep pushing and get your reward.”

She has specific suggestions for making it easier to build new tech skills, too.

“Before learning a specific technology, understand yourself,” she suggests. “What works for you? What's your learning process? Then look for the appropriate resources. It can be a simple one-page tutorial or a full-fledged course. Everything is easy when the basics are clear and the foundation is strong.”

Aditi plans to continue contributing to the tech community in India and around the world, by sharing her insight, connecting with new people, and developing new technical skills. She recently welcomed a new member into her family–a baby girl–and she is growing her own regional tech community and providing so much to others in her area and the STEM field.

Know someone with a powerful story? Nominate someone in your community to be featured, or share your own personal stories with us through the story submission form!

Source: Google Developers Blog

Make Payments with Google Pay and Firebase

Posted by Stephen McDonald, Developer Relations Engineer, Google Pay

Connect Multiple Payment Gateways with Google Pay and Firebase

We recently launched a series of open source samples demonstrating the server-side integration between Google Pay and a variety of Payment Service Providers (PSPs). These samples also show how to create a unified interface for integrating multiple PSPs, making integrations as easy as possible by reducing the time investment in integrating multiple APIs and client libraries.

A recent study by 451 Research showed that for merchants with over 50% of sales occurring online, 69% of them used multiple PSPs. We first demonstrated with the aforementioned samples how you can implement a consistent interface to multiple PSPs, streamlining your codebase while also providing more flexibility for the future. We've now taken this one step further and brought this unified PSP interface to the Firebase platform, by way of a Firebase Extension for Google Pay, making it easier than ever to integrate Google Pay with one or more PSPs.

Google Pay Firebase Extension

Firebase Extensions are open source pre-packaged bundles of code that developers can easily pull into their apps, and are designed to increase productivity, and provide extended functionality to your apps without the need to research, write, or debug code on your own. Following this line, the Google Pay Firebase Extension brings the unified PSP interface to developers' Firebase apps.

With the Google Pay Firebase Extension installed, you can pass a payment token from the Google Pay API to your Cloud Firestore database. The extension will listen for a request written to the path defined during installation, and then send the request to the PSP's API. It will then write the response back to the same Firestore node.

Open Source

Like all Firebase Extensions, the Google Pay Firebase Extension is entirely open source, so you can modify the code yourself to change the functionality as you see fit, or even contribute your changes back via pull requests - the sky's the limit.

Furthermore, as the extension is backed by the aforementioned PSP samples project, the same set of PSPs are supported. Want to see your favorite PSP supported? Head on over to the PSP samples project which contains instructions for adding it.

Summing it up

Whether you're new to Google Pay or Firebase, or an existing user of either, the new Google Pay extension is designed to save you even more time and effort when integrating Google Pay and any number of Payment Service Providers with your application.

Get started with the extension today in the Firebase console.

What do you think? Follow us on Twitter for the latest updates @GooglePayDevs

Do you have any questions? Let us know in the comments below or tweet using #AskGooglePayDevs.