I'm integrating PayPal in my Android app. I have successfully done the part where we can redirect to Paypal Activity by setting price, currency, and PayPalPaymentIntent. What I'm looking for is not available anywhere. I want to make Paypal transaction by using the access token. I'm getting token from the server-side. My client do not want to set the price from app side so that's why he's sending me the token.
My question is how do I set the token in PayPalPayment instead of price and currency? Below is my existing code.
private fun processPaypalPayment() {
val paypalPayment =
PayPalPayment(BigDecimal("1"), "USD", "Test", PayPalPayment.PAYMENT_INTENT_SALE)
val intent = Intent(this#PackagesActivity, PaymentActivity::class.java)
intent.putExtra(PayPalService.EXTRA_PAYPAL_CONFIGURATION, config)
intent.putExtra(PaymentActivity.EXTRA_PAYMENT, paypalPayment)
startActivityForResult(intent, PAYPAL_REQ_CODE)
}
Access token is the wrong term. What you need from the server is for it to create a PayPal order ID (via the v2/checkout/orders API) and send this id to your app, for the approval flow. After approval you communicate the id back the server so it can capture it, store any resulting successful capture in its database, and immediately return the result of the capture (success or particular error) to the calling app.
Documentation for such a server-side integration with Native Checkout for Android can be found here, basically you need to use the actions .set() with the created id as a parameter
payPalButton.setup(
createOrder = CreateOrder { createOrderActions ->
val orderId: String // Retrieve your order ID from your server-side integration
createOrderActions.set(orderId)
}
)
If this code doesn't look familiar you are probably attempting to use a deprecated android SDK rather than the current Native Checkout one. Don't do that, it's very old and won't be accepted by the app store.
Related
I'm using firebase in Android Studio with kotlin.
I want to know whether login account is email-register account or google social account.
As I know, if FirebaseAuth.getInstance().currentUser.providerId is "google.com", user used google social login.
And if providerId is "password", user used email register with firebase.
But only I can get "firebase" from providerId.
How can I solve it?
It it is neccessary for making login function.
I can get only "firebase" from providerId.
According to the API documentation, getProviderId() (or just providerId for Kotlin) will always return FirebaseAuthProvider#PROVIDER_ID (which is equal to "firebase").
If you want to determine which authentication channel was used to get this Firebase ID Token, you need to use getProviderData() which contains the UserInfo objects returned from the social logins.
val auth = FirebaseAuth.getInstance();
val hasLinkedGoogleUser = auth.providerData.any{ it.providerId == GoogleAuthProvider.PROVIDER_ID }
I've tested the Stripe's PaymentSheet for PaymentIntents, passing the payment intent client secret, the customer id and the ephemeral key.
I succeeded on closing a payment, both with and without the bank verification step.
I'm trying to use the SetupIntent because I need to authorize now a payment but to bill users in the future. So I've generated a scheduled subscription for a customer and obtained a setup intent client secret.
My problem is, when I call
paymentSheet.presentWithSetupIntent(
setupIntentClientSecret,
PaymentSheet.Configuration(
merchantDisplayName = Constants.MERCHANT,
customer = PaymentSheet.CustomerConfiguration(
customerId,
ephemeralKeySecret
)
)
)
I see the payment sheet coming out from the bottom with only an infinite progress bar, as if the setup intent was invalid.
As the title says, I'm trying to use the Google Sign-In API with a Spring Boot backend server, as described here.
Just to describe the context, the Spring backend is basically a resource+authentication server, that is currently providing Oauth2 authentication to a second spring boot application containing the frontend website, via Google SSO or simple form login (similar to what's described here).
My original idea was to mimic the #EnableOauth2Sso annotation by simply providing an access token to the android app and attach it to every request as "Bearer ".
Using the user credentials for this was pretty straightforward: I simply make a request to the server at "/oauth/token", using those credentials inserted by the user as authentication and I correctly receive the access token.
Now, I have absolutely no idea on how to build a similar procedure with the Google API in Android. The tutorial page I linked before describes how to get a token ID and how the server should validate it, but after that I don't know what to do.
So far I've managed to add a filter to the security chain that simply checks the token like this:
private Authentication attemptOpenIDAuthentication(#NonNull String tokenString){
String clientId = authServices.getClientId();
GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, factory)
.setAudience(Arrays.asList(clientId, androidClient))
.build();
try {
GoogleIdToken token = verifier.verify(tokenString);
if (token != null) {
return authServices.loadAuthentication(token.getPayload());
} else {
throw new InvalidTokenException("ID token is null");
}
} catch (GeneralSecurityException | IOException e) {
throw new BadCredentialsException("Could not validate ID token");
}
}
This manages indeed to create an Authentication object, but how can I generate an access token after the authentication filtering?
To recap, so far I've got:
The Android app successfully retrieves the Google token ID and sends it to the server
The server sucessfully intercepts the request and validates the token
I'm basically missing the third point where I return a proper access token to the Android client.
Here you are a simple scheme to better understand the situation:
Is there any other way to validate the token and get an access token from the server, or should I completely change the authentication procedure on Android?
As far as I can tell: Yes, you need an access token from the server. If I understand this correctly, a webapp is already authenticated via Oauth on your backend, so the procedure is similar here: Load the user with the google-ID and generate a token. In my application I used a JWT which is valid for 30 days. If the token expires, the Google authentication in the app is usually still valid, so the token can be renewed using the Google ID. With Oauth you can also send a refresh-token directly.
It is important that the app always checks the Google authentication first and only in a second step that of the backend.
For the Authentication process on the backend u may need to manually implement a dedicated securityConfiguration for this. Have a look at the jhipster project, they implemented a custom jwt-authentication which may give you an idea how it works.
I'm using Google AppEngine, and I'm using their UserService class to handle user accounts and logging in. I don't need to access any information about their account - I'm just using it to differentiate users.
Now the website is mostly just a backend. I'm using an Android app for the frontend. I know you can access Google user accounts on the device using the AccountManager. It's definitely the safest way to get a user to log in. And I got that much to work.
Where I'm stuck is passing the login information from the Android app to the AppEngine website. From what I've ready I should be using OAuth, and I see the walkthrough here for using it with Google APIs, but I don't need to access an API, just to log in. I've been able to acquire an Authentication Token in the app, but I'm not sure how to pass it to the website, or if that's even the right direction. Should I be using a specific OAuth login on the server, like this guy?
Any help would be greatly appreciated!
Here's the relevant code:
Server (GAE):
UserService userService = UserServiceFactory.getUserService();
User user = userService.getCurrentUser();
if (user == null) {
resp.sendRedirect(userService.createLoginURL(req.getRequestURI()));
return;
}
Client (Android):
AccountManager am = AccountManager.get(this);
Account[] accounts = am.getAccountsByType("com.google");
Bundle options = new Bundle();
am.getAuthToken(
accounts[0], // Account retrieved using getAccountsByType()
"Manage your tasks", // Auth scope
options, // Authenticator-specific options
this, // Your activity
new OnTokenAcquired(), // Callback called when a token is successfully acquired
new Handler(new OnError()));
//Now what!?
This blog post covered exactly what I needed.
For two alternate (and in my opinion less than ideal) solutions, check out this thread: Webservice credentials - OpenID/Android AccountManager?
We have developed and published an app for Google Health. Now we want to avoid every time logging into the gmail account by asking username and password.
So as to do this i have heard that I can have following options.
1. OAuth
2. Account Manager
3.
The problem with OAuth is that it will go via Android -> Web App -> Health path so i will need to develop an web app as well which we dont wish to do it right now.
So I am trying to use Account Manager, here is my code with which I could get list of accounts and an valid authToken for the selected account.
AccountManager mgr = AccountManager.get(getApplicationContext());
System.out.println("Got account manager");
Account[] accts = mgr.getAccounts();
}
Account acct = accts[0];
AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "android", null, this, null, null);
Bundle authTokenBundle = accountManagerFuture.getResult();
System.out.println("Account name "+accts[0].name);
String authToken = authTokenBundle.get(AccountManager.KEY_AUTHTOKEN).toString();
System.out.println("Got token:"+authToken);
But now I am confused about how to use this token to access the health data.
For getting the demographic feed we used the following code,where we explicitly made user to login into our application.
String queryURL = "https://www.google.com/health/feeds/profile/ui/" + profileId +"/-/DEMOGRAPHICS";
getDemoGrInfoQuery = new Query(new URL(queryURL));
Feed dempGrResultFeed;
globals = new Globals();
dempGrResultFeed = healthService.query(getDemoGrInfoQuery, Feed.class);
And thus we used to get the Feed using the URL.
And now I want to skip the login process and use the above authToken for retrieving the feed. How can this be done?
Any help would be really appreciated!!!
Thanks in advance,
As the standard OAuth procedure is supposed to work, you open the OAuth URL in a WebView (or anything similar) with all the required parameters, users provide Google (not your app) with their user name and password, then google gives you a token which you can use for your future communications.
This way the user doesn't have to give you their login credentials. They give it only to google, and google gives you a token which will authenticate your app every time you use it.
I think you should be good to go with this, since it requires you to open a WebView only once, unless the user logs out of google using your application or denies access to your application.
After getting the token, you just start polling google with that token and never ask user for their login credentials. quite seamless.
UPDATE
After our conversation in chat, let me tell you that you'll have to register an application with google, which will give you an appID, this appID will be used by your Android app to tell google that it is requesting permission on behalf of the Application which this appID refers to.
UPDATE 2
open the Google OAUth with all the parameters, google will give you a code
use that code and create a POST request again to google, and google will now return a long lasting AccessToken
You can then use this AccessToken in all your future communications