I have a web based service (running for years) that works with google apis.
Now I would like to create an android and iphone ui (using xamarin) that uses my web services which in turn talks to google apis.
Given that I don't talk directly to google apis from the phone, do I need to use a web browser control to let the user login, or can I authenticate my server and establish a session natively on the phone?
I'm afraid I need to use a browser window, and I don't think it's user friendly to have to login to a google account in a browser window on the phone.
(I want to keep the logic on the server, so that the phone apps and the web ui uses the exact same code for it's calculations.)
EDIT: It seems Cross-client identity is what I'm looking for.
It can be done natively. See this video https://www.youtube.com/watch?v=9wAx39s10yw which explains all of the procedure using cross-platform authentication.
Related
Is it possible to use CloudKit Web Service from Android native app? How will that authentication popup window appear in a native app if I want to let user able to modify records?
Can I put a button to the native app, that will open up browser and the redirected content will appear there, and when authentication successfull, specify a callback where token which uniquely identifies users, I guess user record name can be received?
Apple engineer talks about login from web here on this session video: https://developer.apple.com/videos/wwdc/2015/?id=704
CloudKit Web Services is intended "to provide a web interface for users". If you use it to provide a native Android interface, you will probably get your iOS app rejected and lose your CloudKit access entirely.
But if you want to try it, Apple already has documentation for CloudKit Web Services which explains how to authenticate users.
From looking at the session video you mention, and also at the links and comments from Richard, I would say the answer is No to writing full native Android CloudKit apps. The reason is that Apple does not give you the option to enter the userID and password in your own dialog. The user can enter those only in a web window popped up by the apple code. So it seems at least that part of the app (authenticating the user) needs to be done using web code. I am not an Android programmer so perhaps it is possible to put together a hybrid app that addresses this issue.
Having said that, public database access does not require an iCloud account so you may be able to write an app that only uses access to the public part of your container using native Android code.
I am no expert but this is what I read on Apple website.
Use an API Token from a website or an embedded web view in a native app, or when you need to authenticate the user.
Maybe its like Netflix. Because Netflix iOS app looks just like netflix.com. To me it looks like netflix is using embedded web view. Maybe you can do the same with CloudKit.
We have a Phonegap app (Android and iOS) and web app with web API that need to use Google plus authorization. We can't figure out how to implement that. So far we only accomplished to obtain access token from mobile app and send it to server, but that's not how it's supposed to be done for several reasons.
What we are trying to accomplish is to obtain authorization code from mobile app, send it to web component and get access token and refresh token there, which is the right way, and that's how it's done using native iOS and Android SDK, but for some reason it either can't be done using Phonegap, or we just can't figure it out. For web app it woks normally. If someone has experience with this that would be very useful.
The important thing is that user can log in from different devices and that API can recognise him and use refresh token to authorize.
It would also be nice if we could use the same app id for all clients.
I'm building a mashup app for Android Wear, using speech recognition so I can post to Fitbit's API. Single-purpose and pretty simple. I generated the OAuth 1.0 credentials with the excellent Temboo library and granted access in a desktop browser, then naively hard-coded those keys and tokens into my app and let Temboo take care of the HTTP requests and API calls to Fitbit.
I've gotten errors from Fitbit stating that my requests are being refused by Temboo's server because of invalid OAuth signature (Fitbit uses OAuth 1.0). I've come to the realization that I probably need to have the user grant access on the wearable app itself. I'll need to launch the mobile browser and pass it the authorization URL from Temboo in a WebView, then have the user grant access, and then pass this approved data back to the watch.
Is there a pattern for doing this in order to allow access to third-party web service APIs already? I've not seen documentation on it so far. Does anyone have a tip on how the authorization process would flow for a wearable watch app?
Thanks much!
There is no web browser or direct internet connection on Android Wear devices - all web connections must be done on the phone part of your app and then forwarded to your Wearable app via the various Data Layer API methods - using messages is an easy way to send information in a lightweight, time sensitive manner.
Therefore your phone app should do all of the OAuth dance as part of an initial setup.
I'm really new to mobile world, so I'd like to get some opinion from experienced people.
After several days searching over the internet, I'm wondering if it's possible
integrate Appcelerator Cloud Services to a custom website made with ASP.NET, for example.
Although my mobile application, built with Titanium, it's linked to ACS, and works fine, I don't know if
it's possible to manage data stored in ACS from a custom website. To clarify, in one point there is my mobile application
talks to a webserver (ACS, for example) and other point there is a website, to manage the data stored in ACS.
What do you think, someone achieved this?
Or is it preferable to write a webserver from the scratch, store my data in somewhere, and forget about ACS?
Thank you.
Appcelerator says
Appcelerator Cloud Services (ACS) is a Mobile Backend as a Service
(MBaaS), offering a fast and easy way to build connected mobile apps.
Choose from a library of services such as push notification, status
updates, photo storage, and social integration, or create your own
custom cloud services.
Here in this page - Getting Started: Using the Javascript SDK - you can see how we can use javascript SDK which lets you access the Appcelerator Cloud Services server through some simple to use JavaScript calls. You can use this to develop web-based app.
ACS has a REST API which you can access through anything that supports xhr (which .NET does). For instance, to create a new user in ACS, you use the following link:
https://api.cloud.appcelerator.com/v1/users/create.json?key=YOUR APP APP KEY?email=john.smith#company.com&role=teacher
There are other properties you can tag onto the querystring to create a new user from a REST call. They have a complete API using REST. It's all documented. You can even send push notifications to devices from your custom website using the REST API! It's pretty cool.
http://cloud.appcelerator.com/docs/api/v1/users/create#rest
Good luck!
I recently bought an Android device. Now I'm wondering if can I mimic protocols it uses to communicate with Google servers?
I basically want to setup some kind of "Google account", which wouldn't be served by Google, but would be fully compatible with Android devices. So, does Android use some kind of WebDAV protocol for accessing things like calendar, contacts? What kind of protocol does it use for mail (is it IMAP, as I would configure my account on a PC or some other Google-only-knows-what-is-it protocol?)
Or do I just have to mimic GData protocols?
Is there even a way to change host which Android talks to?
I know that there are things like Google Apps. They allow you to setup your own, very little part of Google, which AFAIK can be connected to Android device (you just have to create an Google account with your domain after username, I suppose), but everything's still hosted on Google servers and Android still talks to Google host.
If nothing works out, I could probably create some kind of service provider, which would act like those for Facebook, Twitter and Google, but for now I want to explore possibility of doing it on the server-side.
Not that I don't trust Google. I just don't really like someone handling valuable part of my life in files I don't own. Assume this question void if someone found a way of chowning files on Google servers ;).
No, you can not "redirect" google apps on Android to talk to your servers.
Google exposes their Apps (gmail, calendar, docs, etc..) via various APIs (GDATA), so I suppose their Android apps use those.
Even if you "mimic" those protocols, you could not redirect the apps, because AFAIK they use SSL.
Just create your own client and server software, secure the connection via SSL and you are all set. You even don't have to write the software as there are thousands open-source server apps for email, calendaring, doc sharing, etc..
If you are thinking of using Google clients without their servers and proposing a roll-your-own replacement, than you clearly do not understand the complexity of developing such a service. Do you realize there are thousands of top-notch devs working daily on this?
If you dont trust application service providers (Google, Facebook, etc..) than don't use their services. Same goes for other service providers like credit card companies, banks, mobile, telco, etc..
If you have a rooted phone it could be quite cool to mimic google server. For example by changing the calendar https url in the sqlite database to your own server.
For calendar, I guess this is Caldav, but should be written down somewhere officially.
And yes, their are caldav-sync tools for Android, but they all suck completely (Hypermatic sucks less, but it has been abandoned, and is not open source)