The correct way for them to handle this was to defer to AccountManager and allow Android to handle the Google authentication.
Similarly, users should not give credentials to 3rd party applications. I would not give Samsung my Gmail login, nor would I give it to Facebook to let them scrape contacts.
Similarly, users should not give credentials to 3rd party applications. I would not give Samsung my Gmail login, nor would I give it to Facebook to let them scrape contacts.