I have a app in android which works with the google sheets API and write/reads from a spreadheet.
First time I run the app its all good - I get a token from the GoogleAuthUtil fetchToken method and I can make API calls (followed this page - http://developer.android.com/google/auth/http-auth.html).
After one hour, the token expires and I need to get a new one, and I read that it should be really easy with the google play services, since it handles the refreshing of the token.
The problem is - I don't know how to check if the token is valid, and if its not valid, how to get a new one.
I can't just get a new one, because I don't know if an hour passed since the last time I used the app, and I don't think I should try to get a new token everytime I launch the app.
If someone have any experience working with this, I would appreciate any help.
Been struggling with this for a while. just want to know how to check if token is valid, and if its not valid - how to get a new one!
thanks!
Related
I am trying to access users YouTube private data like subscriptions which require OAuth authentication. I have tried 2 approaches so far.
1.Using GoogleAuthUtil.getToken() method. But it's deprecated and using this function only access token can be acquired which expires after 1 hour. I have no idea how to retrieve refresh token using this method.
2.According to this article and this answer we should avoid use of getToken method because of security and UX problems. So I tried using Auth.GOOGLE_SIGN_IN_API. According to the documentation, we need to use GoogleSignInOptions. So I used it and using requestScopes() i added the Youtube scope. Also I used requestserverauthcode() to get the exchange code, using which access and refresh token can be acquired. Now here's my problem, we need to use GoogleApiClient with addApi(). The available set of API's doesn't have a Youtube API listed to put it in addApi(). So there is no way I can get access to access tokens / refresh token.
Can anyone help me out?
EDIT:
I solved it. I used getToken approach to get tokens. Whenever a 401 authorization error occurs, we need to call getToken method returns a new token.
I've spent the last two days searching and researching this matter and I must admit I'm shocked implementing this in Android is so insanely complicated compared to iOS or Windows which I already done!!
I'm trying to obtain a token and a refresh token to send to my back end server so it can handle Drive API calls on the user's behalf and its simply a HUGE mess!
I tried to follow many different blogs, endless different ways from google's developers page, countless posts here and other places.
Nothing works.
Maybe some one here can help me...
Here's my current situation:
First I use
String[] accountTypes = new String[]{"com.google"};
Intent intent = AccountPicker.newChooseAccountIntent(null, null,
accountTypes, false, null, null, null, null);
startActivityForResult(intent, 10001);
to pick an account or register a new google account.
Then, I'm using
GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(new NetHttpTransport(),
new JacksonFactory(),
clientId,
secret,
Arrays.asList(DriveScopes.DRIVE)).setAccessType("offline").setApprovalPrompt("force")
.build();
to generate a GoogleAuthorizationCodeFlow object. With this I can get a GoogleAuthorizationCodeTokenRequest. But the response I get only has a token. There is no refresh token.
I already approved the consent dialog that appeared which to my understanding should also provide me with a refresh token afterwards.
What am I doing wrong? Or atleast, is there any where I can find a clear example on how to obtain a refresh token???
Alright, so after digging further... I eventually came across this document.
It basically explains that the token + refresh token are not the responsibility of the app/client, it is the responsibility of the backend server and what the client needs to provide to the backend server is only a temporary authorisation code which is easily obtained using GoogleAuthUtil.getToken(). The server will use that auth code to generate a token and a refresh token for future usage. This is explained here.
I hope this might help some one who encounters this issue in the future.
I am developping an android app based on firebase that connects to the Nest API. While it worked for some time, it now rejects authentification.
I get the folowing error "The active or pending auth credentials were superseded by another call to auth" when I'm pretty sure firebaseRef.auth() method is only called once...
EDIT : I'm getting close to the 1000 Users limitation after wich we should request more users from Nest.
Any idea where this is comming from ? Can it be comming from the online service I am calling or is this necessarilly due to my code ?
thanks.
P.
We discovered that every time the user is passed through the Works with Nest web sign up dialog, it generates a new auth token. Is it possible you've run through the process on multiple devices and generated a new auth token, invalidating your previous one?
I try to use Google oauth to authenticate users on my android app.
Then I would like to send it to my app server so it can connect at any time with Google calendar.
I tried to use
GoogleAuthUtil.getToken(getApplicationContext(), mAccountName, mScope);
Following this article:
https://developers.google.com/accounts/docs/CrossClientAuth
When I use it with scope
mScope = "oauth2:https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile";
I get a token, which is valid for an hour
But when I try to get an authorization code (so I can get a refresh token that is valid for longer time, using
mScope2 ="oauth2:server:client_id:{CLIENT_ID}.apps.googleusercontent.com"+ ":api_scope:https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile";
I receive either "invalid_scope" or "Unknown" exceptions.
What am I doing wrong?
EDIT:
OK, After creating a new app on google API console and adding plus.login to the scope I get a code, but for some reason my server can't resolve this token. When tying to resolve server gets an error about the redirection URL.
BTW, When I do the web flow with same parameters it works.
OK, found the solution, I expected Google to have a lot better documentation about working with Google Oauth and Android. A few things you have to know to work with Android and offline token
When you create google Client ID Don't create a service application before you create a web application
Must include https://www.googleapis.com/auth/plus.login in your scope
The weirdest, to resolve the one time authorization code on my server, I had to use the redirection URL from the Android client ID details (which doesn't even look like a url) and not from the Web client details on Google API console.
That scope string is only documented to work when passed to GoogleAuthUtil(), see http://developer.android.com/reference/com/google/android/gms/auth/GoogleAuthUtil.html, on Android. But it would be cool if it worked on iOS too; our infrastructure there is a little behind where we’re at on Android.
I have had the same issue then i realised that my app is not published and is in debug mode, so i had to add test users to the Google project -> Consent Screen, then i was able to fetch the token for the added test user.
You just need to follow the correct steps/format for specifying the scopes. Find them here https://developers.google.com/android/guides/http-auth#SpecifyingScopes
I have implement function retrieve credentials from saved token in SharedPreferences.
mCredential = new GoogleCredential.Builder()
.setClientSecrets(CLIENT_ID, CLIENT_SECRET)
.setJsonFactory(mJsonFactory)
.setTransport(mHttpTransport).build();
mCredential.setRefreshToken(accessRefreshTokenSave);
mCredential.setAccessToken(accessTokenSave);
Long expires = mCredential.getExpiresInSeconds();
boolean result = mCredential.refreshToken();
When the token is expired. We should call mCredential.refreshToken() to refresh the token, is it right ?
When i call refreshToken i got exception.
com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad Request
{
"error" : "invalid_grant"
}
What should i need to do to refresh the token ? I found some document in Using OAuth 2.0 say about refresh token. But i don't know how to implement it in Android code? Is there any sample code do this ?
Generally (in my experience, since I haven't found any documentation) 'invalid grant' means there is some problem with your stored refresh token. This includes (I think):-
The user has revoked it
Your testing has caused multiple refresh tokens to be generated. Only 25 may be extant
The scopes associated with the stored token have changed
To recover the situation, delete the stored refresh token and start the process again. The good news, is that apart from the user revocation scenario (1) this is a testing environment issue and doesn't necessarily mean you have a bug.
Have a look on https://developers.google.com/+/mobile/android/sign-in that's the OAUTH for Android, and you can check what is wrong, or maybe use the example code in your Project. To give you more details, you have to post the entire project (linking it to GitHub for example) or post the interested Class ;-)