I'm following this sample tutorial for https://developer.xamarin.com/guides/xamarin-forms/cloud-services/authentication/oauth/
After download the sample, I follow the instructions and change all my clientID endpoint.I got into the Google Sign In page and browser manage to close. After browser close, it always got into OnAuthError and error message is "Error authenticating : invalid_request"
I couldn't get the OnAuthCompleted fired. Its always got into OnAuthError.
void OnLoginClicked(object sender, EventArgs e)
{
string clientId = null;
string redirectUri = null;
switch (Device.RuntimePlatform)
{
case Device.iOS:
clientId = Constants.iOSClientId;
redirectUri = Constants.iOSRedirectUrl;
break;
case Device.Android:
clientId = Constants.AndroidClientId;
redirectUri = Constants.AndroidRedirectUrl;
break;
}
var authenticator = new OAuth2Authenticator(
clientId,
null,
Constants.Scope,
new Uri(Constants.AuthorizeUrl),
new Uri(redirectUri),
new Uri(Constants.AccessTokenUrl),
null,
true);
authenticator.Completed += OnAuthCompleted;
authenticator.Error += OnAuthError;
AuthenticationState.Authenticator = authenticator;
var presenter = new Xamarin.Auth.Presenters.OAuthLoginPresenter();
presenter.Login(authenticator);
}
async void OnAuthCompleted(object sender, AuthenticatorCompletedEventArgs e)
{
var authenticator = sender as OAuth2Authenticator;
if (authenticator != null)
{
authenticator.Completed -= OnAuthCompleted;
authenticator.Error -= OnAuthError;
}
User user = null;
if (e.IsAuthenticated)
{
// If the user is authenticated, request their basic user data from Google
// UserInfoUrl = https://www.googleapis.com/oauth2/v2/userinfo
var request = new OAuth2Request("GET", new Uri(Constants.UserInfoUrl), null, e.Account);
var response = await request.GetResponseAsync();
if (response != null)
{
// Deserialize the data and store it in the account store
// The users email address will be used to identify data in SimpleDB
string userJson = await response.GetResponseTextAsync();
user = JsonConvert.DeserializeObject<User>(userJson);
}
if (account != null)
{
store.Delete(account, Constants.AppName);
}
await store.SaveAsync(account = e.Account, Constants.AppName);
await DisplayAlert("Email address", user.Email, "OK");
}
}
void OnAuthError(object sender, AuthenticatorErrorEventArgs e)
{
var authenticator = sender as OAuth2Authenticator;
if (authenticator != null)
{
authenticator.Completed -= OnAuthCompleted;
authenticator.Error -= OnAuthError;
}
Debug.WriteLine("Authentication error: " + e.Message);
}
I have read through all the related links. The closest questions I got from SO is this : Xamarin.Forms Google API Authenticating Users with an Identity Provider
but it still failed after configure the setting and update my packages. I'm using Xamarin.Auth 1.5.0.3 (latest stable version)
Any real hero outside can run this tutorial and make it work?
The problem is that I am using Type : "Others" at the Google Console Developer website. When I switch back the Type: "Android". It's working.
Related
Android app Akita Security in Google Play
https://play.google.com/store/apps/details?id=com.highiot.mob
Application have subscription to purchase. After the user purchase it from his device, I see the purchase token of his purchase and call publisherService.Purchases.Subscriptions.Get
to see name and email of user that purchased my subscription.
My problem is that EmailAddress, GivenName and FamilyName fields that returned in the response to Get are null.
Other fields like price, country etc. are OK.
Code of purchase in my app:
private async void Purcase(string productId)
{
try
{
var connected = await CrossInAppBilling.Current.ConnectAsync();
if (!connected)
{
//Couldn't connect to billing, could be offline, alert user
return;
}
//try to purchase item
CrossInAppBilling.Current.InTestingMode = true;
var purchase = await CrossInAppBilling.Current.PurchaseAsync(productId, ItemType.Subscription, "apppayload");
if (purchase == null)
{
//Not purchased, alert the user
}
else
{
//Purchased, save this information
var id = purchase.Id;
var token = purchase.PurchaseToken;
var state = purchase.State;
bool status = false;
if (state == PurchaseState.PaymentPending)
{
status = true;
}
ViewModel.SendSubscription(productId, token, "Google", status);
}
}
catch (Exception ex)
{
//Something bad has occurred, alert user
}
finally
{
//Disconnect, it is okay if we never connected
await CrossInAppBilling.Current.DisconnectAsync();
}
}
Code when I call Google API Subscriptions.Get:
static async Task Main(string[] args)
{
bool acknowledge = false;
string projectId = "robotic-circle-243009";
string subscriptionId = "highiot-admin-api";
var _credentialsJson = "HighIoT_key.json";
Environment.SetEnvironmentVariable("GOOGLE_APPLICATION_CREDENTIALS", Path.Combine(AppDomain.CurrentDomain.BaseDirectory, _credentialsJson));
SubscriptionName subscriptionName = new SubscriptionName(projectId, subscriptionId);
SubscriberClient subscriber = await SubscriberClient.CreateAsync(subscriptionName);
GoogleCredential credentialsPlay;
using (var key = new FileStream(_credentialsJson, FileMode.Open, FileAccess.Read))
credentialsPlay = GoogleCredential.FromStream(key).CreateScoped(Scope.Androidpublisher);
var publisherService = new AndroidPublisherService(new BaseClientService.Initializer
{
HttpClientInitializer = credentialsPlay
});
var request1 = publisherService.Purchases.Subscriptions.Get("com.highiot.mob", "com.highiot.mob.test_subsription", "nceeeoihojjngafdmfmahbii.AO-J1Ow8yISTj4C6MW4mKgXYp9Tizo7iZ8JP6PgIRenFLHj4xHaAuCxffDL5jaxEzq_t2IopZXXa4_uLyZYBsXMwk_wn3pwMXoL9rNDWJoZV8SCkVsXcAlaMJe0l2Mn_-OhhuHbjPVP8Tn0ruP4WUlxGPyxUjkNv_Q");
var response1 = request1.Execute();
}
Response I get in response1:
Name Value
◢ response1 {Google.Apis.AndroidPublisher.v3.Data.SubscriptionPurchase}
AcknowledgementState 1
AutoRenewing false
AutoResumeTimeMillis null
CancelReason 0
▶ CancelSurveyResult {Google.Apis.AndroidPublisher.v3.Data.SubscriptionCancelSurveyResult}
CountryCode “UA”
DeveloperPayload “apppayload”
ETag “\”kLoaNGFQwzHXpxRSLTfX9req9yE/1xXhq0Lm_lUloQUDN3UhbVIoE08\””
EmailAddress null
ExpiryTimeMillis 1568883651389
FamilyName null
GivenName null
Kind “androidpublisher#subscriptionPurchase”
LinkedPurchaseToken null
OrderId “GPA.3309-8881-6545-64850”
PaymentState 1
PriceAmountMicros 21990000
PriceChange null
PriceCurrencyCode “UAH”
ProfileId null
ProfileName null
PurchaseType null
StartTimeMillis 1566205275451
UserCancellationTimeMillis 1566209506502
Credentials file HighIoT_key.json:
{
"type": "service_account",
"project_id": "robotic-circle-243009",
"private_key_id": "cb017791695e97d8b2ab68ae94d940ba07def824",
"private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDPJxCrGu1o1AdD\neiBtuxPS/0wdF4chN5KqK0hR8E6x7qfd30I9zI5k07msD3qEo2iuBWwohIeUCWLh\n5x0Xkkx8ADQqWh9Z0HlWcx8JEFIqeKGy+l7j8mnLtv71xxnUSZdPuE7VQhNt9U2F\ng/uCehcF5rRYKsb9m//uS1dzAFfPepnwgOyAbxL91EUX8TFpfjqonof+pV4N4kTd\nT+U6YcK9FEyQCBUIMW3SJRYQE3lVjxKOVI7osoh3ileMMyFmYhROkuHgL4dMijHa\nXtI6d+8ZkbBtmGy28yYFzMwFKdyb5r9locpcpfXRJnRFRgEHRkGBkvAjdQo/KeNp\nznDsEzKlAgMBAAECggEAMrYJ/xEm+EgbhRnDEYnAFyGXVPHbCzcrCMxytlhhM27M\nmmSatz05yJYKOIRLhmfoat159ktHU2ae1dV5ijkuzxZPruSEEz0VTyP8f4AG1U3V\nq9Zd32iLHKsuLCWy/YSMbaAdcFhuIDdyZFKEghL4SuII2SKTtyb21rOL82Osm2Yj\niiB+04huCKOXvau86284c6GuTtUCRRGPuT85LsV4gQvSLa9gSm9UrMonKktXjdRA\nZenOYtofc4gVjIFozHZwLWleSaM/9jaX0IJ7uct3G1DObqEptCfQnSRQsa1Mtv6e\nXSazGPYMAGW+XOF/yWwuM0zCyI3GyEbc989PI/4IuwKBgQD1Yz3qAeQGYMToLNb7\nUMd0OtWxJFHHa2J97Dwlv73/aGroByAkc4bmYo2ub1YW/JVcyu94IfNR0wHGiV07\ncwFOkYlEYDMWv11VMBeqhHrLmk242jM1ZxhIoNC59RcSBnQHnbvHCe2FugKH7s51\nSHV8EUWR+CkIpZRLNIJBEXv4BwKBgQDYHIMBJ0vYE0O+EvJHR3DQrOQN4xLb2GlI\nFvN1+6N2oox5yfXUlHLi9g138cJnqpayERGE9lZfphSoAtgcgidwJDx7VCkf5C+Q\n8P4wkgL24svZhcJJI2xmnTV8LrG6nU81bUu5dyGTnFeeVPQLcoscVKyII1NbXPBc\nIPbmTAoc8wKBgEl7K2osoMTMK4q/Cq19Ngz3JVCDaL3HyVmd6TEApvuZoBHVOGnR\n8n6A2p52lpgRkQSVfHpD6GIDRs/WCIYp3SVS7YD9Ma9JJMDCwwN74m2fylBlftoq\nAhqVlYtp+jualRpGwJlMvsTBu8pK16ZFSXEalvOsFVWSh8KxeaPUgYP3AoGAT0oe\nspSlWhCvYRR4ebh3ZsiYH5Q5fhmnfwCUsKvzrHo1ChYUMLuKb0URafl0dy56fbiP\ncfYjeJJpr77jZYpHR/izjBgzwnSpEweoa0+W8NgDLLrLrqPliLyTPA2xvaMrxZFl\nIBXaZtsMtpW6uFx9N5bFemljkvjFYzfg/lvVtgsCgYEAqMQ8CEjizn91k8ACK6Fs\nFQkCLjSl5h/lvES0+VZDlWMIwos0e6a7vsTVg0IoJ32hY2a7E6R37MbHP2o6lJiS\njJPzBd5pa803DYl8ehId0/8PAUsMscK6LKPblQW9QzoYk5yEjhU1bFLJQfLmmQsV\neRHZgYsNE/U60DnuZsv4wZg=\n-----END PRIVATE KEY-----\n",
"client_email": "highiot-server#robotic-circle-243009.iam.gserviceaccount.com",
"client_id": "110565816019675715733",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/highiot-server%40robotic-circle-243009.iam.gserviceaccount.com"
}
On Google Play Console:
I link the project to the google play console
I add the Service account to the google play console
It's present in the user menu of google play console
ON GOOGLE API DEVELOPER CONSOLE
I give him permission
In google developer console I gave permission to the service account
And of course I've enabled the google Play Android Developer Api
And added scope to see user info
Apologies for the confusion, but the fields you mention are only for when users Subscribe with Google. For an exhaustive list of fields that and the conditions under which they are available, please see https://developers.google.com/android-publisher/api-ref/purchases/subscriptions
I check pending deferred deeplinks on different devices and android versions
and some devices cant get deferred deeplink.
But when I reset Advertising ID in device settings, device starts get deferred deeplink
void Start()
{
if (FB.IsInitialized)
{
FB.ActivateApp();
}
else
{
FB.Init(() => {
FB.ActivateApp();
FB.Mobile.FetchDeferredAppLinkData(DeferredAppLinkData);
});
}
}
void DeferredAppLinkData(IAppLinkResult result)
{
string targetUrl = string.Empty;
completeLink.text = result.ToString();
if (!String.IsNullOrEmpty(result.TargetUrl))
{
targetUrl = result.TargetUrl;
deepText.text = targetUrl;
}
deepText.text += "'n = " + targetUrl;
}
When I first log into my app, I go through the following code:
auth = new Xamarin.Auth.OAuth2Authenticator(
"my-google-client-id.apps.googleusercontent.com",
string.Empty,
"openid",
new System.Uri("https://accounts.google.com/o/oauth2/v2/auth"),
new System.Uri("com.enigmadream.storyvoque:/oauth2redirect"),
new System.Uri("https://www.googleapis.com/oauth2/v4/token"),
isUsingNativeUI: true);
auth.Completed += Auth_Completed;
StartActivity(auth.GetUI(this));
Which triggers this activity:
[Activity(Label = "GoodleAuthInterceptor")]
[IntentFilter(actions: new[] { Intent.ActionView }, Categories = new[] { Intent.CategoryDefault, Intent.CategoryBrowsable },
DataSchemes = new[] { "com.enigmadream.storyvoque" }, DataPaths = new[] { "/oauth2redirect" })]
public class GoodleAuthInterceptor : Activity
{
protected override void OnCreate(Bundle savedInstanceState)
{
base.OnCreate(savedInstanceState);
Android.Net.Uri uri_android = Intent.Data;
Uri uri_netfx = new Uri(uri_android.ToString());
MainActivity.auth?.OnPageLoading(uri_netfx);
Finish();
}
}
And finally this code to link the account to Cognito:
private void Auth_Completed(object sender, Xamarin.Auth.AuthenticatorCompletedEventArgs e)
{
if (e.IsAuthenticated)
{
var idToken = e.Account.Properties["id_token"];
credentials.AddLogin("accounts.google.com", idToken);
AmazonCognitoIdentityClient cli = new AmazonCognitoIdentityClient(credentials, RegionEndpoint.USEast2);
var req = new Amazon.CognitoIdentity.Model.GetIdRequest();
req.Logins.Add("accounts.google.com", idToken);
req.IdentityPoolId = "us-east-2:79ebf8e1-97de-4d1c-959a-xxxxxxxxxxxx";
cli.GetIdAsync(req).ContinueWith((task) =>
{
if ((task.Status == TaskStatus.RanToCompletion) && (task.Result != null))
{
ShowMessage(string.Format("Identity {0} retrieved", task.Result.IdentityId));
}
else
ShowMessage(task.Exception.InnerException != null ? task.Exception.InnerException.Message : task.Exception.Message);
});
}
else
ShowMessage("Login cancelled");
}
This all works great, and after the login, I am able to use my identity/credentials to retrieve data from DynamoDB. With this object:
Amazon.DynamoDBv2.AmazonDynamoDBClient ddbc = new Amazon.DynamoDBv2.AmazonDynamoDBClient(credentials, RegionEndpoint.USEast2);
The second time I run my app, this code runs:
if (!string.IsNullOrEmpty(credentials.GetCachedIdentityId()) || credentials.CurrentLoginProviders.Length > 0)
{
if (!bDidLogin)
{
var idToken = credentials.GetIdentityId();
ShowMessage(string.Format("I still remember you're {0} ", idToken));
And if I try to use the credentials with DynamoDB (or anything, I assume) at this point, I get errors that I don't have access to the identity. I have to logout (credentials.Clear()) and login again to obtain proper credentials.
I could require that a user go through the whole login process every time my app runs, but that's a real pain because the Google login process requires the user to know how to manually close the web browser to get back to the application after authenticating. Is there something I'm missing about the purpose and usage of cached credentials? When I use most apps, they aren't requiring me to log into my Google account every time and close a web browser just to access their server resources.
It looks like the refresh token needs to be submitted back to the OAuth2 provider to get an updated id token to add to the credentials object. First I added some code to save and load the refresh_token in a config.json file:
private Dictionary<string, string> config;
const string CONFIG_FILE = "config.json";
private void Auth_Completed(object sender, Xamarin.Auth.AuthenticatorCompletedEventArgs e)
{
if (e.IsAuthenticated)
{
var idToken = e.Account.Properties["id_token"];
if (e.Account.Properties.ContainsKey("refresh_token"))
{
if (config == null)
config = new Dictionary<string, string>();
config["refresh_token"] = e.Account.Properties["refresh_token"];
WriteConfig();
}
credentials.AddLogin("accounts.google.com", idToken);
CognitoLogin(idToken).ContinueWith((t) =>
{
try
{
t.Wait();
}
catch (Exception ex)
{
ShowMessage(ex.Message);
}
});
}
else
ShowMessage("Login cancelled");
}
void WriteConfig()
{
using (var configWriter = new System.IO.StreamWriter(
Application.OpenFileOutput(CONFIG_FILE, Android.Content.FileCreationMode.Private)))
{
configWriter.Write(ThirdParty.Json.LitJson.JsonMapper.ToJson(config));
configWriter.Close();
}
}
public void Login()
{
try
{
if (!string.IsNullOrEmpty(credentials.GetCachedIdentityId()) || credentials.CurrentLoginProviders.Length > 0)
{
if (!bDidLogin)
{
var idToken = credentials.GetIdentityId();
if (ReadConfig())
{
LoginRefreshAsync().ContinueWith((t) =>
{
try
{
t.Wait();
if (!t.Result)
FullLogin();
}
catch (Exception ex)
{
ShowMessage(ex.Message);
}
});
}
else
{
credentials.Clear();
FullLogin();
}
}
}
else
FullLogin();
bDidLogin = true;
}
catch(Exception ex)
{
ShowMessage(string.Format("Error logging in: {0}", ex.Message));
}
}
private bool ReadConfig()
{
bool bFound = false;
foreach (string filename in Application.FileList())
if (string.Compare(filename, CONFIG_FILE, true) == 0)
{
bFound = true;
break;
}
if (!bFound)
return false;
using (var configReader = new System.IO.StreamReader(Application.OpenFileInput(CONFIG_FILE)))
{
config = ThirdParty.Json.LitJson.JsonMapper.ToObject<Dictionary<string, string>>(configReader.ReadToEnd());
return true;
}
}
Then refactored the code that initiates the interactive login into a separate function:
public void FullLogin()
{
auth = new Xamarin.Auth.OAuth2Authenticator(CLIENTID_GOOGLE, string.Empty, "openid",
new Uri("https://accounts.google.com/o/oauth2/v2/auth"),
new Uri("com.enigmadream.storyvoque:/oauth2redirect"),
new Uri("https://accounts.google.com/o/oauth2/token"),
isUsingNativeUI: true);
auth.Completed += Auth_Completed;
StartActivity(auth.GetUI(this));
}
Refactored the code that retrieves a Cognito identity into its own function:
private async Task CognitoLogin(string idToken)
{
AmazonCognitoIdentityClient cli = new AmazonCognitoIdentityClient(credentials, RegionEndpoint.USEast2);
var req = new Amazon.CognitoIdentity.Model.GetIdRequest();
req.Logins.Add("accounts.google.com", idToken);
req.IdentityPoolId = ID_POOL;
try
{
var result = await cli.GetIdAsync(req);
ShowMessage(string.Format("Identity {0} retrieved", result.IdentityId));
}
catch (Exception ex)
{
ShowMessage(ex.Message);
}
}
And finally implemented a function that can retrieve a new token based on the refresh token, insert it into the current Cognito credentials, and get an updated Cognito identity.
private async Task<bool> LoginRefreshAsync()
{
string tokenUrl = "https://accounts.google.com/o/oauth2/token";
try
{
using (System.Net.Http.HttpClient client = new System.Net.Http.HttpClient())
{
string contentString = string.Format(
"client_id={0}&grant_type=refresh_token&refresh_token={1}&",
Uri.EscapeDataString(CLIENTID_GOOGLE),
Uri.EscapeDataString(config["refresh_token"]));
System.Net.Http.HttpContent content = new System.Net.Http.ByteArrayContent(
System.Text.Encoding.UTF8.GetBytes(contentString));
content.Headers.Add("content-type", "application/x-www-form-urlencoded");
System.Net.Http.HttpResponseMessage msg = await client.PostAsync(tokenUrl, content);
string result = await msg.Content.ReadAsStringAsync();
string idToken = System.Json.JsonValue.Parse(result)["id_token"];
credentials.AddLogin("accounts.google.com", idToken);
/* EDIT -- discovered this is not necessary! */
// await CognitoLogin(idToken);
return true;
}
}
catch (Exception ex)
{
ShowMessage(ex.Message);
return false;
}
}
I'm not sure if this is optimal or even correct, but it seems to work. I can use the resulting credentials to access DynamoDB without having to prompt the user for permission/credentials again.
There's a very different solution I'm trying to fit with the other answer. But it's so different, I'm adding it as a separate answer.
It appears the problem was not so much related to needing to explicitly use a refresh token to get an updated access token (I think this is done implicitly), but rather needing to remember the identity token. So rather than include all the complexity of manually applying a refresh token, all that's needed is to store the identity token (which can be done in a way similar to how the refresh token was being stored). Then we just need to add that same identity token back to the credentials object when it's missing.
if (!string.IsNullOrEmpty(credentials.GetCachedIdentityId()) || credentials.CurrentLoginProviders.Length > 0)
{
if (config.Read())
{
if (config["id_token"] != null)
credentials.AddLogin(currentProvider.Name, config["id_token"]);
Edit: The problem of needing to use a refresh token does still exist. This code works if the token hasn't expired, but attempting to use these credentials after the token has expired will fail, so there is still some need to use a refresh token somehow in some cases.
To login with facebook on my android app I request the public_profile and email of the user:
LoginManager.getInstance().logInWithReadPermissions(LoginFragment.this,
Arrays.asList("public_profile", "email"));
Then I send the id_token Profile.getCurrentProfile().getId() to the backend server.
On server side I try to verify the token as follows:
$id_token = $_POST['idToken'];
$app_access_token = FB_APP_ID . "|" . FB_APP_SECRET;
$fb = new \Facebook\Facebook(['app_id' => FB_APP_ID,
'app_secret' => FB_APP_SECRET,
'default_graph_version' => 'v2.8',
'default_access_token' => $app_access_token]);
$response = $fb->get('/debug_token?input_token=' . $id_token, $app_access_token);
But $response just contains an empty json {}.
UPDATE 1:
With
$oauth = $fb->getOAuth2Client();
$meta = $oauth->debugToken($app_access_token);
I eventually managed to validate the id_token. $meta contains then:
["metadata":protected]=>
array(4) {
["app_id"]=>string(16) "123456"
["application"]=>string(10) "abcdef"
["is_valid"]=>bool(true)
["scopes"]=>array(0) {}
}
What it also shows is that the scopes-array is empty although I called logInWithReadPermissions with public_profile and email permissions. I even checked the Permissions again in the onSuccess()-method of the FacebookCallback. But before I store the data to the DB I would like to read the user_id, user_name and email on server side to ensure that they match the id_token.
UPDATE 2:
When I call $oauth->debugToken() with $id_token instead of $app_access_token I now get what I expected. It also shows the pemissions I set before. But still I have the problem that I don't know how to access the granted information (user_name, user_profile_picture, email, etc.).
Finally I managed to solve the whole problem. I guess my main problem was that I wasn't aware of when to use user access token and when app access token. In many discussions and even documentations one is just talking about access token without specifying whether he means the user or the app access token. That said, here my final solution:
$id_token = $_POST['idToken'];
$app_access_token = FB_APP_ID . "|" . FB_APP_SECRET;
$fb = new \Facebook\Facebook(['app_id' => FB_APP_ID,
'app_secret' => FB_APP_SECRET,
'default_graph_version' => 'v2.8',
'default_access_token' => $app_access_token]);
$oauth = $fb->getOAuth2Client();
$meta = $oauth->debugToken($app_access_token);
try {
$meta->validateAppId(FB_APP_ID);
$idTokenIsValid = true;
} catch(FacebookSDKException $e) {
$idTokenIsValid = false;
exit;
}
if($idTokenIsValid){
$resp = $fb->get('/me?fields=id,name,email,first_name,last_name,locale,gender', $id_token);
$user = $resp->getGraphUser();
if($user->getId() != null){
$facebook_id = $user->getId();
$picture = "graph.facebook.com/" . $facebook_id . "/picture";
}
if($user->getName() != null){
$name = $user->getName();
}
$emailIsVerified = false;
if($user->getEmail() != null){
$email = $user->getEmail();
$emailIsVerified = true;
}
if($user->getFirstName() != null){
$given_name = $user->getFirstName();
}
if($user->getLastName() != null){
$family_name = $user->getLastName();
}
if($user->getProperty('locale') != null){
$locale = $user->getProperty('locale');
}
if($user->getProperty('gender') != null){
$gender = $user->getProperty('gender');
}
if($emailIsVerified){
//update db or/and request data from db
}
}
I've been trying to get the email of the person who is sending a GET to AppEngine for hours I can't get that working.
What I'm trying to do is:
A client request a GET to an URL from Android.
AppEngine returns XML depending on the user making the request.
I'm using AERC library from Tim Bray to authenticate using a token that android provides.
public void run() {
if(client == null){
final AccountManager mgr = AccountManager.get(mActivity);
Account[] accts = mgr.getAccountsByType("com.google");
client = new AppEngineClient(APP_URI, accts[0], mActivity);
}
Log.i(tag, "Respuesta de auth: "+new String(client.get(AUTH_URI, null).body));
}
On the server side I have this:
UserService userService = UserServiceFactory.getUserService();
if (userService.getCurrentUser() != null) {
ret = "<tag>User userSErvice: "+userService.getCurrentUser() + "</tag>";
}else{
ret = "<tag>User userSErvice: null</tag>";
}
if (request.getUserPrincipal() != null) {
ret += "<tag>User request: "+request.getUserPrincipal() + "</tag>";
}else{
ret += "<tag>User request: null</tag>";
}
I'm using userService.getCurrentUser() and request.getUserPrincipal() because I don't know what method is which have to work. Both return null.
What am I doing wrong?
Thanks
Solved.
I had to add security contraints on web.xml like this:
<security-constraint>
<web-resource-collection>
<url-pattern>/yourservlet/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
And you have to request to an https to get the user from appengine