How to access Google plus domains api using GoogleApiClient object? - android

The documentation here says the following
Warning: The Google+ Sign-In button and the plus.login scope used by
Google+ Sign-In, are not currently supported for use with the Google+
Domains API. Requests that are made to the Google+ Domains API using
an authentication token granted for the
https://www.googleapis.com/auth/plus.login scope, or generated by the
Google+ Sign-In button, will fail.
So if we need to access Google Plus Domains API how do we do it using GoogleApiClient object in android?
I want a list of a user's circles for which I need to use the Domains API.

Consider using GoogleAuthUtil for Google Plus Domain authentication.
And most importantly: "Domain API will work only with domain email id" (which is not the gmail id).
String scopes = "oauth2:" + "https://www.googleapis.com/auth/plus.me " +
"https://www.googleapis.com/auth/plus.circles.read";
String accountName = "domain_email_id_used_for_login";//fetch from AccountManager or ask the user to enter
String token = "";
try {
SharedPreferences sharedPref = PreferenceManager.getDefaultSharedPreferences(LoginActivity.this);
token = sharedPref.getString("token", "");
if (!token.equals("")) {
GoogleAuthUtil.clearToken(LoginActivity.this, token);
}
token = GoogleAuthUtil.getToken(LoginActivity.this,
accountName, scopes);
GoogleCredential googleCredential = new GoogleCredential().setAccessToken(token);
PlusDomains plusDomains = new PlusDomains.Builder(new NetHttpTransport(), new JacksonFactory(), googleCredential).setApplicationName("GPlusLab").build();
plusDomains.people().get("me").execute();
return token;
} catch (UserRecoverableAuthException e) {
startActivityForResult(e.getIntent(), REQUEST_AUTHORIZATION);
} catch (GoogleAuthException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
github link to complete example.

Related

Android: How to get Refresh Token by Google Sign-In API?

Currently, I am working on the application where user able to login with Google. As part of the login process, we need to send Google ACCESS TOKEN and REFRESH TOKEN to server end.
I am retrieving access token by the following method,
mAccountName = googleSignInAccount.getEmail();
String scopes = "oauth2:profile email";
String token = null;
try {
token = GoogleAuthUtil.getToken(activity.getApplicationContext(), mAccountName, scopes);
} catch (IOException e) {
Logger.eLog(TAG, e.getMessage());
}
GoogleAuthUtil class from which I am accessing access token don't have a function for refresh token. So how to access Refresh Token? Thanks in advance!
You should use the server auth code flow via Auth.GOOGLE_SIGN_IN_API: get an server auth code on Android client, send to your server, server exchanges the code for refresh and access token (with a secret). There are more details in this blog post as well.
Also, if you are using GoogleAuthUtil.getToken for access token now, you do want to check out this Google Sign-In best practice blog post to see how to migrate to the recommended flow to ensure security and best UX.
I think you need to try this code in AsyncTask like below.
private class RetrieveTokenTask extends AsyncTask<String, Void, String> {
#Override
protected String doInBackground(String... params) {
String accountName = params[0];
String scopes = "oauth2:profile email";
String token = null;
try {
token = GoogleAuthUtil.getToken(getApplicationContext(), accountName, scopes);
} catch (IOException e) {
Log.e(TAG, e.getMessage());
} catch (UserRecoverableAuthException e) {
startActivityForResult(e.getIntent(), REQ_SIGN_IN_REQUIRED);
//REQ_SIGN_IN_REQUIRED = 55664;
} catch (GoogleAuthException e) {
Log.e(TAG, e.getMessage());
}
return token;
}
#Override
protected void onPostExecute(String s) {
super.onPostExecute(s);
Log.i("AccessToken",s);
}
}
Then call AsyncTask like below to get Access Token:
...
new RetrieveTokenTask().execute(mAccountName);
Check here.
I hope it's help you.

Google plus => remove access to app

I am creating an App Engine project, and I want authenticated access from Google+.
I am now getting the token from the user in this way:
try {
String G_PLUS_SCOPE = "oauth2:https://www.googleapis.com/auth/plus.me";
String USERINFO_SCOPE ="https://www.googleapis.com/auth/userinfo.profile";
String SCOPES = G_PLUS_SCOPE + " " + USERINFO_SCOPE;
token = GoogleAuthUtil.getToken(MainScreenActivity.this, mAccount.name, SCOPES);
} catch (UserRecoverableAuthException e) {
startActivityForResult(e.getIntent(), 3);
}
This works, I catch the UserRecoverableAuthException if I have no permission and ask the user with the StartActivityForResult()
But I want to test it some more, looked for a way to revoke the access, but my app is not to be found here: https://security.google.com/settings/security/permissions
How can I revoke the access?

Android: using Google sign in to get access token

After reading the last Google + news at here and this. How do I get access token after I complete the sign in?
To answer doubts about oauth scope (just to be useful for googlers):
To fully understand, Google-it some about authentication and authorization concepts.
Check if user/password exists is about authentication part.
Scope is required to authorization part: what you are authorized to do or receive in behalf of user. To get a list of scopes allowed, check the OAuth service documentation.
From Google and G+, most common scopes can be found on: https://developers.google.com/+/api/oauth?hl=pt-ZA
For example, to get all possible information from user, you can use the scope:
"openid profile email https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me"
(the first word refer to protocol, followed by words that ask for fields on response, and desired scopes can be declared toghether with a space separator)
Note: Later, if you try use your access token to request or do anything that you don't asked before with a scope, the service can return an authorization error.
For Google, a good tool you can use to learn about his OAuth service and scope is the OAuth Playground: https://developers.google.com/oauthplayground/
Did you have a look at the API reference?
The class you are probably looking for is com.google.android.gms.auth.GoogleAuthUtil.
It provides, amongst others, the following method:
static String getToken(Context context, String accountName, String
Description:
Authenticates the user and returns a valid Google authentication token, or throws an exception if there was an error getting a token.
Usage:
String token;
try {
token = GoogleAuthUtil.getToken(context, accountName, scope);
} catch (GooglePlayServicesAvailabilityException playEx) {
Dialog dialog = GooglePlayServicesUtil.getErrorDialog(
playEx.getConnectionStatusCode(),
Activity.this,
AUTH_REQUEST_CODE);
// Use the dialog to present to the user.
} catch (UserRecoverableAutException recoverableException) {
Intent recoveryIntent = recoverableException.getIntent();
// Use the intent in a custom dialog or just startActivityForResult.
} catch (GoogleAuthException authEx) {
// This is likely unrecoverable.
Log.e(TAG, "Unrecoverable authentication exception: " + authEx.getMesssage(), authEx);
} catch (IOException ioEx) {
Log.i(TAG, "transient error encountered: " + ioEx.getMessage());
doExponentialBackoff();
}
You need to fetch it using async task.
public void onConnected(Bundle connectionHint) {
// Reaching onConnected means we consider the user signed in.
Log.i(TAG, "onConnected");
// Update the user interface to reflect that the user is signed in.
mSignInButton.setEnabled(false);
mSignOutButton.setEnabled(true);
mRevokeButton.setEnabled(true);
// Retrieve some profile information to personalize our app for the user.
Person currentUser = Plus.PeopleApi.getCurrentPerson(mGoogleApiClient);
AsyncTask<Void, Void, String > task = new AsyncTask<Void, Void, String>() {
#Override
protected String doInBackground(Void... params) {
String token = null;
final String SCOPES = "https://www.googleapis.com/auth/plus.login ";
try {
token = GoogleAuthUtil.getToken(
getApplicationContext(),
Plus.AccountApi.getAccountName(mGoogleApiClient),
"oauth2:" + SCOPES);
} catch (IOException e) {
e.printStackTrace();
} catch (GoogleAuthException e) {
e.printStackTrace();
}
return token;
}
#Override
protected void onPostExecute(String token) {
Log.i(TAG, "Access token retrieved:" + token);
}
};
task.execute();
System.out.print("email" + email);
mStatus.setText(String.format(
getResources().getString(R.string.signed_in_as),
currentUser.getDisplayName()));
Plus.PeopleApi.loadVisible(mGoogleApiClient, null)
.setResultCallback(this);
// Indicate that the sign in process is complete.
mSignInProgress = STATE_DEFAULT;
}
Your access token will be stored into token variable.

Android Account Manager - obtaining token secret

From my understanding to access the gmail API using XOAUTH authentication it is required you have a token and token secret if you wish to use the 3-legged-authentication.
I can obtain the token from the account manager AccountManager.KEY_AUTHTOKEN but I am unsure how to obtain the token secret.
accountManager.getAuthToken(account, "oauth2:https://mail.google.com/", null, MainActivity.this,
new AccountManagerCallback<Bundle>() {
#Override
public void run(final AccountManagerFuture<Bundle> future) {
try {
final String token = future.getResult().getString(
AccountManager.KEY_AUTHTOKEN);
} catch (final Exception e) {
Log.e(TAG, e.getMessage(), e);
}
}
}, null);
Is it possible to obtain the token secret from the account manager or would I have to launch the browser to obtain this information?
From the research that I have concluded this is not possible.
However a possible solution to overcome this problem would to be to use the Signpost oAuth library which enables request tokens to be returned from the browser.

Android - unable to use OAuth access token to retrieve Google Reader feeds

I need to obtain OAuth2 authentication token to pass it to the server so it can fetch list of Google Reader feeds for the user. Server is .NET - I have no access to it or to it's code but most likely it is using unofficial Reader API
I was able to use Android Account manager to obtain valid token for this purpose with the following code (notice that authTokenType="reader")
Account account = accounts[0];
manager.getAuthToken(account, "reader", null, this, new AccountManagerCallback<Bundle>() {
public void run(AccountManagerFuture<Bundle> future) {
try {
// If the user has authorized your application to use the tasks API
// a token is available.
String token = future.getResult().getString(AccountManager.KEY_AUTHTOKEN);
// Now you can send the token to API...
cacheManager.putString(GOOGLE_AUTH, token);
GoogleReaderManager.startAddFeedActivity(AddGoogleReaderSourcesActivity.this);
finish();
} catch (OperationCanceledException e) {
Log.e(TAG, "User cancelled", e);
finish();
} catch (Exception e) {
Log.e(TAG, "Failed to obtain Google reader API_KEY", e);
}
}
}, null);
The code above works fine when I send token to the server side .Net app: the app is able to retrieve the list of Reader feeds.
The problem is that this only works for "Google inside" devices. On Nook I have no such luck since there's no way that I was able to find to add Google account to the account manager. So I'm trying to it using OAuth 2 protocol as described here
It works fine as far as obtaining the token: User approves the app from the mobile page which returns the code token which then mobile app exchanges for the Auth token. However this token will not work with the server process. I have a feeling that perhaps I'm using the wrong scope in this URL:
https://accounts.google.com/o/oauth2/auth?response_type=code&scope=https://www.google.com/reader/api/0/subscription/list&redirect_uri=http://localhost&approval_prompt=force&state=/ok&client_id={apps.client.id}
Scopes that I did try in various combinations:
https://www.google.com/reader/api
https://www.google.com/reader/api/0
https://www.google.com/reader/api/0/subscription/list
https://www.google.com/reader/api+https://www.google.com/reader/atom
Here's example of JSON that is returned from get token POST
{"expires_in":3600,
"token_type":"Bearer",
"access_token":"ya29.AHES6ZSEvuUb6Bvd2DNoMnnN_UnfxirZmf_RQjn7LptFLfI",
"refresh_token":"1\/bUwa5MyOtP6VyWqaIEKgfPh08LNdawJ5Qxz6-qZrHg0"}
Am I messing up scope or token type? Not sure how to change a token type. Any other ideas?
P.S. Google account login page asks: Manage your data in Google Reader, that's why I suspect that the scope is wrong
I got it working for https://www.google.com/reader/api/0/subscription/list. So thought of sharing with you.
I have valid access_token:
This is what i tried to resolve it (partially) :
Google provides OAuth 2.o playgound; where they actually simulate all aspects of OAuth 2.0 as well as final API call to fetch data.
I found this very helpful as it clearly shows what is being sent to request.
Here is the URL : https://developers.google.com/oauthplayground/
Using this, i tweaked my api call below and it works :)
public static String getReaderContent(String accessToken){
String url = "https://www.google.com/reader/api/0/subscription/list" ;
HttpClient client = new HttpClient();
GetMethod method = new GetMethod(url);
String response="";
method.setRequestHeader("Authorization", "OAuth "+accessToken);
try {
int statusCode = client.executeMethod(method);
String response= method.getResponseBodyAsString();
System.out.println("response " + responseStr);
} catch (HttpException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return response;
}
So this works properly fine for getting subscription list; but have not been able to make it work for reader api which you have mentioned in your question.
Let me know if you have got way around google reader API.

Categories

Resources