I created my own OAuth 2.0 and OpenID Connect Provider using IdentityServer4 in ASP.NET Core. I am now trying to create an Android app (my very first Android app) that uses my provider to authenticate the users, using the Authentication Code + PKCE flow.
I looked around for a client SDK for Android, and found one called AppAuth, https://github.com/openid/AppAuth-Android. But it looks like it is not at a full release, since the last release was 0.7.1, which was released a year and a half ago. Should this be used? Should I worry about it not being >= 1.x.x? Any good tutorials on implementing the Authentication Code + PKCE flow?
I also heard that maybe AccountManager might be what I am looking for. I could not find any documentation on how to implement OAuth 2.0 and OpenID Connect flows via AccountManager. Does anyone have a good tutorial on how to do this?
Any other suggestions on how to get this working?
Interested in thoughts on alternative standards based libraries also.
As far as I'm aware this remains the most respected library that works across vendors - but they have been struggling for contributors.
The likes of Okta and Auth0 have good Android libraries worth borrowing ideas from. They may be vendor specific in places though.
Out of interest I integrated AppAuth into a fairly complete (Kotlin / Single Activity) sample recently, so it seems to work fine with the latest Android tech:
Write up + code sample
I found the reliability and usability tricky, since Chrome Custom Tabs adds some technical complexity.
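The PKCE step of the flow asked about above (RFC 7636, S256 method), as an added example that is not part of the original posts and is not AppAuth or IdentityServer4 code. It shows what the app generates, what the token endpoint checks, and why an app that intercepts the redirect cannot redeem the code; the class and method names are illustrative.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64; // plain JVM / Android API 26+; older Android needs android.util.Base64

public class PkceExample {
    private static final Base64.Encoder B64URL = Base64.getUrlEncoder().withoutPadding();

    // Client: 32 random bytes become a 43-character base64url code_verifier.
    static String newCodeVerifier() {
        byte[] buf = new byte[32];
        new SecureRandom().nextBytes(buf);
        return B64URL.encodeToString(buf);
    }

    // Client and server: code_challenge = BASE64URL(SHA-256(ASCII(code_verifier))).
    static String s256Challenge(String verifier) throws NoSuchAlgorithmException {
        byte[] digest = MessageDigest.getInstance("SHA-256")
                .digest(verifier.getBytes(StandardCharsets.US_ASCII));
        return B64URL.encodeToString(digest);
    }

    // Server (token endpoint): reject malformed verifiers, then recompute the
    // challenge and compare it in constant time with the one stored for the code.
    static boolean verify(String storedChallenge, String presentedVerifier)
            throws NoSuchAlgorithmException {
        if (!presentedVerifier.matches("[A-Za-z0-9._~-]{43,128}")) return false;
        return MessageDigest.isEqual(
                storedChallenge.getBytes(StandardCharsets.US_ASCII),
                s256Challenge(presentedVerifier).getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) throws Exception {
        String verifier = newCodeVerifier();        // stays inside the app
        String challenge = s256Challenge(verifier); // sent with the authorization request
        System.out.println("code_challenge=" + challenge + "&code_challenge_method=S256");
        // The app that started the flow redeems the code with its own verifier.
        System.out.println("legitimate app accepted: " + verify(challenge, verifier));
        // An app that only captured the redirect has the code but no matching verifier.
        System.out.println("interceptor accepted:    " + verify(challenge, newCodeVerifier()));
    }
}
```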
I basically want to authenticate with ADFS as an external identity provider in a native ios/android app. Preferably with a seamless login experience, but that may be asking too much.
The setup that I want is pretty much the one described here except that I moved the identity stuff to an STS project. The ios and android apps are accessing the web api.
I also used this pluralsight course.
Now I "just" need a way to use the credentials received from the mobile app to issue an access token.
I need to know if I am on the right path. I am using:
IdentityServer3.
OAuth2 and OpenID Connect. (using password grant)
The solution has to work on ADFS 3.0.
.NET 4.6 web api and mvc solutions running in azure.
I have been looking at the ADAL.NET project, but that seems to be primarily for Xamarin and I already have the ios and android developed natively.
Questions:
What is the best approach going forward?
Are there any (perhaps new) technologies that I am completely missing?
Your basic problem is that with ADFS 3.0, there is no OpenID Connect support and very limited OAuth support - basically just auth. code grant for web API.
Much along these lines.
If you want the full stack (ala what you have with idsrv3), you need ADFS 4.0.
You could federate idsrv3 with ADFS using WS-Fed for the final hop.
We at Wishbook have a B2B mobile application (Android & iPhone), wherein we are looking to implement Text & photo communication - between users 1-to-1, or from a user to his group of buyers. We are keen on something that can get us up to speed ASAP, offers good support, is a mature library / server, and is also battery friendly.
We are now comparing between Layer, Applozic, QuickBlox & SendBird. Anyone used them? What protocols (XMPP / MQTT / custom / other) are used by them? Experience using it - in terms of stable code base, etc? Also - we prefer an open-source & more pocket friendly product as well.
Thanks,
Arvind
I have recently just tested two of the solutions you have cited.
QuickBlox :
protocol xmpp
open source
documented less clearly than applozic
easy set up
Applozic :
protocol mqtt
open source
easy set up, if a bit laborious
well documented, and very easy API to use.
Very customizable.
Both programs:
have video call/audio call/groups
have code bases that are constantly being updated, and from their Github pages new versions have been released in the past few months
I preferred Applozic as the user interface was nicer and easier to use, and the features and pricing clearer. I also preferred the API and the setup code was easier.
I also had a similar question.
The following charts mentioned in the articles helped me finalise the chat api to be used.
Feature Comparison and
Pricing
Applozic has cross app communication and broadcast messaging as well. Support is very quick with Applozic.
How to integrate AWeber in Android? I researched a lot but there is no source code for this, so please help; it would be appreciated.
AWeber doesn't currently have a ready-made Android client library. You can approach this in a couple of ways:
One possibility is to implement your own API code. AWeber's API uses REST-based resources over standard HTTPS, and uses oAuth 1.0a for authentication. There should be libraries available for Android development that can accommodate your needs - I know that there have been successful "home-rolled" Java, .Net, and other integrations done by third parties so I don't see why Android should be any different.
In this case, I would suggest using the official Python or PHP library as an example of how your code can be implemented. In particular the PHP library has all of the oAuth code out "in plain sight" so it's useful in gaining insight into how authentication works.
Another interesting possibility is to attempt to use the AWeber Python module along with some of the open source projects out there that purport to allow developers to use Python on Android. I find this possibility personally intriguing but I haven't had the spare time to try it out.
While AWeber doesn't currently offer support for Android itself, the API team has documented the authentication process in some detail here:
https://labs.aweber.com/docs/authentication
That reference may help you out if you decide to go the route of rolling your own library.
If you run into any issues with your library, definitely contact the API Support team at api#aweber.com - while they may not have direct support for Android right now, they can often be of assistance in debugging your own library based on what they see on the server side.
I cannot work this out to save my life!
So, I have a Codeigniter based REST api with an OAUTH 2.0 (draft 23 or something) server for my own auth system (not using Twitter or FB)
I want to be able to use this to allow users to "log in" to my Android app.
I can't find any information about this on the internet anywhere. There are a couple of unsupported OAUTH 2.0 client libraries out there, such as Leeloo (which moved to Apache Amber, which hasn't been updated for over a year, and there have been no releases under Amber).
My questions therefore are:
Is OAUTH 2.0 too new? It seems to be a couple of years old... is it still too new to work with? Should I be using OAUTH 1? (which seems to be unsupported anyway - all the codeigniter OAUTH 1 libs have moved to 2.0).
Should I be using a completely different technology? e.g. I have heard of "xauth". Again information on this seems to be pretty sketchy.
Is it something easy enough to do myself? It doesn't appear so, but do most people just create their own homebrew solutions? I can't find much info about this either.
Any help you can give me will be great. Any resources you can point me to as well will be pretty amazing.
Thanks for your time.
No, OAuth 2.0 is old enough to be supported by some good open source libraries. You could e.g. use scribe.
Sorry, I don't know enough about XAuth yet to help you with that.
Yeah, it's really easy using scribe. To support a custom Provider you simply have to extend org.scribe.builder.api.DefaultApi20. As you're using the same Draft of OAuth 2.0 as Google does, you can use the implementation for the Google API in Thomas Bruyelle's fork of scribe as a blueprint. This article should get you started for using scribe with Android. You could further check out the Google example from the scribe fork here.
I am looking into building an android app, which holds some simple data (probably stored in sqlite). I also have an app engine app which I intend to be an online data store for the information (the app engine app is written in python).
The question here is, what is the best way to authenticate a user with the app and how to get the data from the android app to the Google data store?
Thanks
Mike
You could use Google Account authentication and follow this useful post about Authenticating against App Engine from an Android app
You can also give a look at the SampleSyncAdapter sample from the SDK
If you want to authenticate using OAuth, you can do that. The only trick is that you need to launch the flow in an internal WebView, because App Engine's OAuth implementation doesn't allow custom protocols in the redirect. I recommend the Signpost library. If you'd like an example, the 2cloud Android client is licensed under the MIT license (full disclosure, I'm the lead dev for 2cloud). The benefit of this is it allows you to support Android 1.5 and higher. The Accounts API is only supported starting in 2.1.
Another option is the Accounts API. #systempuntoout has good links for that, so I won't reinvent the wheel here.
Finally, it might be worth taking a look at the App Engine-powered Android Eclipse project that was demo'd at I/O this year. It makes keeping code in sync and shared between the two simple. Only downsides are it requires Android 2.2 or higher, and it requires you to write in Java on the App Engine side and GWT for the client side.