Android Authentication With Google Openid. What Next?
Solution 1:
Actually, OAuth 2 is what you want, rather than OpenID -- OpenID is inherently web-based, so you'd need to jump through some hoops with WebView or the browser. OAuth 2 allows you to use the token from AccountManager with Google APIs right from the app.
In your call to getAuthToken(), the authTokenType parameter is the OAuth 2 scope, which you want to be userinfo.profile and userinfo.email to authenticate the email address (you already have it, but you haven't verified it; it could in theory be spoofed) and to get the name of the user.
Here's what I use for the full scope in a similar situation:
    // "oauth2:" prefix followed by the space-separated OAuth 2 scopes
    private static final String OAUTH2_SCOPE = "oauth2:" +
        "https://www.googleapis.com/auth/userinfo.profile" +
        " " +
        "https://www.googleapis.com/auth/userinfo.email";
Of course, you could just use the whole string literal inline, but I prefer to build it up and be clear, and it makes it easier to change later if necessary.
In my case, I use getAuthTokenByFeatures(), something like this:
    am.getAuthTokenByFeatures("com.google", OAUTH2_SCOPE, null, this, null, null,
        new AccountManagerCallback<Bundle>()
        {
            public void run(AccountManagerFuture<Bundle> future) {
                try {
                    // Blocks until the user has picked an account and approved the scope
                    Bundle bundle = future.getResult();
                    // Debug output only: KEY_AUTHTOKEN is a bearer credential,
                    // so keep it out of logs in a release build
                    System.out.println("Got Bundle:\n" +
                        " act name: " +
                        bundle.getString(AccountManager.KEY_ACCOUNT_NAME) +
                        "\n act type: " +
                        bundle.getString(AccountManager.KEY_ACCOUNT_TYPE) +
                        "\n auth token: " +
                        bundle.getString(AccountManager.KEY_AUTHTOKEN));
                } catch (Exception e) {
                    System.out.println("getAuthTokenByFeatures() cancelled or failed:");
                    e.printStackTrace();
                }
            }
        }, null);
but you can apply the same idea to your code. You can then use the OAuth token with Google User Info API, as described in Using OAuth 2.0 for Login to verify the email and get the user's name.
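The verification step mentioned at the end of the answer, as an added example that is not part of the original answer: it sends the token to Google's userinfo endpoint and accepts the account name only if Google reports the same address as verified. The class name, method name and endpoint URL (the v1 userinfo endpoint with its `verified_email` field) are assumptions, since the answer does not spell them out.

```java
import android.accounts.AccountManager;
import org.json.JSONObject;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Scanner;

/** Hypothetical helper (added example); call it off the main thread. */
public final class GoogleUserInfo {
    // Assumption: Google's OAuth 2.0 userinfo endpoint, v1 response format.
    private static final String USERINFO_URL =
            "https://www.googleapis.com/oauth2/v1/userinfo";

    /**
     * Returns the user's display name if Google confirms that accountName is the
     * verified email behind authToken; returns null if the token was rejected,
     * the email is unverified, or it does not match the account name.
     */
    public static String verifiedName(AccountManager am, String accountName,
                                      String authToken) throws Exception {
        HttpURLConnection conn =
                (HttpURLConnection) new URL(USERINFO_URL).openConnection();
        try {
            conn.setConnectTimeout(10000);
            conn.setReadTimeout(10000);
            // Send the token in a header, not the query string, so it stays out of URL logs.
            conn.setRequestProperty("Authorization", "Bearer " + authToken);
            int status = conn.getResponseCode();
            if (status == HttpURLConnection.HTTP_UNAUTHORIZED) {
                // Cached token expired or revoked: drop it so the next
                // getAuthToken() call fetches a fresh one.
                am.invalidateAuthToken("com.google", authToken);
                return null;
            }
            if (status != HttpURLConnection.HTTP_OK) {
                throw new IOException("userinfo returned HTTP " + status);
            }
            String body;
            try (InputStream in = conn.getInputStream();
                 Scanner s = new Scanner(in, "UTF-8").useDelimiter("\\A")) {
                body = s.hasNext() ? s.next() : "";
            }
            JSONObject json = new JSONObject(body);
            boolean verified = json.optBoolean("verified_email", false);
            boolean matches = accountName.equalsIgnoreCase(json.optString("email"));
            return (verified && matches) ? json.optString("name") : null;
        } finally {
            conn.disconnect();
        }
    }
}
```

If the app has its own backend, run the same check there with the token the client sends, rather than trusting an email address the client reports.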