I'm using Retrofit library and I wanted to implement OAuth 2.0 on every API call in order to authenticate those calls. How can I achieve that? Can you explain me step by step? I have followed some blogs but didn't understand how to do that.
I highly recommend you to check u2020 source code. You can achieve this with a OkHttp interceptor (Retrofit 1.x or Retrofit 2.x) or a RequestInterceptor if you stay with Retrofit 1.x.
I think for the oAuth 2.0 process its better if you open directly the browser and once its done it will redirect to the redirect_url specified. You will need to register the redirect_url in your manifest as a intent-filter for the activity that will manage the response of the server.
Related
Can't get past Django Rest Framework Token Authorization because I can't set withCredentials=true using OkHttp RequestBuilder. (I'm referring to this https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials)
In javascript using axios.post this works fine. I'm having trouble converting this post request to android using OkHttp request builder.
Request builder only seems to give setter methods for Header and Body of post Request?
Tried reading through OkHttp documentation and I've also tried to send withCredentials=True as a header
Django Rest Framework backend not recognizing the token and not resolving the bearer token to a user.
If no class authenticates, request.user will be set to an instance > of django.contrib.auth.models.AnonymousUser, and request.auth > will be set to None.
I'm going to assume here that withCredentials is a query parameter.
Appending ?withCredentials=true. to the end of the URL will probably get things going for you.
An example in full might look like https://www.example.com?withCredentials=true.
With multiple parameters, it may look like https://www.example.com?withCredentials=true&otherParam=Stuff.
I am working on a project on android and I want to implement the functionality of my application on an API written in Node JS and use it with HTTP requests.
I am searching for an (open source) HTTP API (CRUD System) that I can use in my android application in order to make HTTP requests to my API (GET, POST, PUT, DELETE).
What are you suggesting me? Which are the best solutions?
Thank you
I recommend OSS "Fuel".
https://github.com/kittinunf/Fuel
I created a sample application of API request using Fuel.
https://github.com/y-okudera/FuelSampleApp
I hope this will be of some help.
Is it possible to use Android Account Manager using Cookie-based authentication? How (a code with a explanation would be much appreciated)?
I have seen many examples regarding authentication token, but that is not the case. I have just implemented cookie-based authentication on Python FLASK.
OBS.: I'm using Android Volley for the requests of the application.
All you need to do is to add this line in onCreate in your Application class:
CookieHandler.setDefault(new CookieManager());
this line will make your HttpUrlConnection hold cookies like browser, and since most of the http agents like Volley or okHttp are based on HttpUrlConnection they also will hold your cookies )
How to implement Robospice (or something like this) + OAuth?
Maybe someone can share link to examples of good practices for creating RESTful android clients? I can't figure the architecture of RESTful app with OAuth, which cover all problems with activity's lifecycle.
Of course I know about Virgil Dobjanschi "Google I/O 2010 - Android REST client applications". With some Libraries like Robospice it is very easy to implement. But what if app uses OAuth for authorization to service? What libraries for OAuth could be useful? where store access token? How execute some requests synchronously? etc. ...
I am looking for complete code examples or at least advices about design and architecture.
It depends. Are you talking about OAuth 1 or OAuth 2? For the former, you could use signpost. For the latter, you could use RoboSpice + Google Http Client + Google OAuth Client Library.
If you use Google Http Client as your network library, what you need to do is to create your own HttpClientSpiceService based on GoogleHttpClientSpiceService, which you can find in RoboSpice. Then, you need something like this:
public static HttpRequestFactory createRequestFactory() {
HttpTransport httpTransport = AndroidHttp.newCompatibleTransport();
return httpTransport.createRequestFactory(new HttpRequestInitializer() {
#Override
public void initialize(HttpRequest request) {
// TODO: authorize or sign request...
// Note that this will authorize/sign ALL the requests you make,
// so you will probably want to improve on that.
}
});
}
The rest is really up to you, but the basics are to implement a way to provide third-party log-in, get the required token and set up the OAuth library of your choice.
Would like to use Retrofit for handling network requests between Android Client and GAE endpoints.
GAE endpoints give Client/Server endpoint libraries to handle all the networking and also Oauth2 authentication which is nice.
Retrofit helps well for asynchronous call, cancellation, parallel calls...so is better than android client asynctask.
So can this Retrofit lib be configured with Appengine GAE endpoints or need to go through normal GAE servlet?
Just to clarify my question and make answers clear for any who read this :
I had for my App :
Client side : cloud endpoint library generated by google plug in for eclipse
Back end side GAE : different API with methods coded in JPA such as :
#ApiMethod(name = "insertMyShareItem")
public ShareItemData insertMyShareItemData(ShareItemData shareitemdata) {
logger.log(Level.SEVERE, "insertMyShareItem");
}
Advantages of google cloud endpoint was endpoint libray , easy use of Auth2 and automatically use of secure connections via HTTPS
Now I want to give up Async task in order to implement Retrofit or Volley. I understood I cannot use google cloud endpoint anymore and need to transform my methods on GAE Back end side in methods which extends HttpServlet so I can access them by URL call with normal setup of Retrofit.
Which means now I need to care :
how I pass my object to Retrofit and how I retrieve them on back end
how I transform Retrofit HTTP call in a HTTPS call for secure connection
how I implement and manage Auth2 and tokens between Client and GAE back end to establish secure authentication.
This is what I understood from search and below answers.Thks
Use the Google Cloud API URL as the base URL and proceed with the normal setup of Retrofit. I don't think it is a big deal. Here is a link to a tutorial that could help you get started with Retrofit.
[source]