I have open my phone's default browser and open http://stackoverflow.com url. I have perform proper login steps there and I am easily be able to view my profile in default browser.
Now, I have created an Webview application which loads "http://stackoverflow.com" url but in my Webview but it is not showing me as logged in mode. Obviously it is not fetching cache details from default browser.
Now my question is, How can I fetch my login details in Webview ?
How can I fetch my login details in Webview ?
In general, you don't. You do not have rights to steal information from other apps, any more than they have the right to steal information from yours.
If, however, you "perform proper login steps" inside of the WebView, you will be logged in within that WebView.
If your end objective is to use the StackExchange API, you should be able to use their OAuth 2.0 authentication system.
Related
To be more precise, can my application take data from user and show a loading box to them and then open a website (non-interactable) and enter that data on behalf of the user on the website, also extract captcha and ask user to fill it in their UI and once that is filled by the user in the application's UI submit the captcha value to the website.
An android application like a medium of interaction between the user and the website?
I am a beginner level android developer and want to achieve this kind of functionality, any help would be great!
You need to create your own web service for accessing from mobile to that data on your server.
on your own server create a wrapper to access the primary data, when need to authorize or entering captcha open that page as a iframe on your server or direct link on a webview in your app to pass it.
also take look at jsoup library for accessing web element and parse that on mobile app.
hope to help you. :)
Is there any way to get Instagram access Token just by calling at the particular url but without prompting user access permission
No, you need to have WebView to display html from authentication url. Even scraping html won't work - Instagram builds whole Login page using JavaScript.
I want to ask, I have a website(HTML and javascript) that allows user to login, maintain thier account. Now I want to create an android application that allows user to login and then pulls thier account details from the website and display on the android app. I have no idea where to start? After user logged in how to pull that user's account details from website? Any suggestion where to start and what to look for???
Can I simply load the url of website for login? Would the website work fine on android?
The best approach is to create a webservice to return a JSON or XML string with the information you need.
www.example.com/userDetails.php?userID=23&encryptedPassword=ACD23423FFFF23
If you need more security you can create a mechanism that generates expirable hashes that can be used for a specified period of time.
www.example.com/userDetails.php?userID=23&expirableHash=FFFF234234234DDCCCEEEE22
You should try with WebView which allows you to embed HTML page in your Android application.
Check this out: Building Web Apps in WebView
I need to access the Gmail web interface from within a WebView in my Activity. For obvious security/trust reasons, I'd like to avoid asking the user for his Gmail credentials and storing them somewhere, but rather use something like OAuth to be granted access to Gmail. From what I've found, OAuth is only implemented for IMAP and SMTP-access to the Gmail-Account, correct?
Would using webView.getSettings().setSavePassword(true); and letting the user sign in the first time he/she uses the app work? How would I automatically submit the saved details on subsequent app-launches?
Thanks,
Nick
You have to regard your WebView as a browser. How does a browser like Chrome let you be automatically signed in each time you visit Gmail? It stores the session cookies from Gmail.
To store cookies from your WebView and reuse them the next time, check out CookieManager.
What is the point of using OAuth 2.0 client-side authorization in Android if built-in WebView browser doesn't have access to cookies of default user browser? I mean, if I open some oauth-url (e.g. http://blablabla.com/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=token) in WebView - the user will anyway be prompted to enter his credentials to sign in to "blablabla.com" social network. Because even if he is already signed in with some of his browsers (Opera or Dolphin, or default browser), the WebView browser doesn't know anything about corresponding cookies.
EDIT:
I'll try to make it a bit clearer.
The main goal is to simplify sign-in procedure in my application. I'd like to implement such mechanism that we can see on many web-sites: "Login with... Facebook/Google/Twitter/whatever". And in desktop browser that approach works perfectly, because the end-user is already signed in to aimed service WITHIN THIS BROWSER. So basically to sign-in in to my site all he needs is:
Press button "Sign in with..."
On redirected window/popup press
"Approve/Confirm".
Get redirected back, already being signed-in.
The main benefit is that user doesn't need to enter his email/name/whatever - I've already extracted it from his social-network account.
And I'm wondering how to get same effect on Android. The problem is that, as I can see, we can't let user avoid entering password, because the application (WebView) never knows if he is signed-in to some outer service or not. That's why user anyway will be prompted to enter some of his details and all of OAuth benefits become annihilated.
The workaround depends on what you are trying to do. It's not clear to me, looking at your question again, because you do not explain your use case. Instead you are indirectly asking for something that looks very broad as if you want to maintain an Android system-wide login state that spans over multiple applications using shared cookies.
Due to security reasons that is neither good nor wanted. A rogue app could do whatever it wants to do with existing access tokens requested by other apps or just temper with or read existing cookies created and maintained in other apps.
Assuming you are trying to authorize your own app access to a web service using OAuth 2.0 by letting the user log in with a WebView, you need to implement your own WebViewClient, override its onPageStarted or onPageFinished method and check whether the URL argument matches your redirect URL.
If there is a match you need to extract the access token from the URL string. If there is also a refresh token available, then extract that one, too.
(This however only works for a certain type of OAuth flow, which adds the access token to the redirect URL.)
Now you have at least an access token available. Store that token in the private preferences of your application and use it in your service requests until you get a 401 not authorized error message back from the service. At that point you can use the refresh token if available to request a new access token or you have to show the login WebView again.
If you are trying to access a Google service from your app you may find the article Getting started with the Tasks API and OAuth 2.0 useful.
Have you considered launching the browser externally (non-embedded)?
That will benefit from existing cookies and also give users the trusted UI they are most comfortable with when entering credentials to these services. (in other words - users see the SSL lock, the correct URL in the address bar, etc.)