So i need to be able to use Oauth for the login part on my Android application(not for Twitter, google,etc...) it's a private application. The rest of the app uses rest services w/ the authenticated token.
Here basically i'm looking for any tips, a library or an article recommendation. Most of the articles i found are about how to login to Google's services and such.
Thanks,
Check this one: scribe It is pretty simple.
Here it is a list of libraries cited by the Oauth2.0 "authority":
oauth.net/2
Related
I have a wordpress website, for which I was developing an android application. GETing data is pretty easy, as no authentication is required. But posting comments, liking a blog, these actions require authentication. Can someone guide me about how to social login (Google or facebook login) to authenticate and post comments or like a post, through the android application.
There is Rest API. You can use it to manipulate data without using web interface at all.
Also there an article about using Rest API in Android
oauth is pretty simple. You just need to get a token(string) from Google or Facebook and you will use in Rest API.
There is a lot of information but I can't find an up-to-date answer for my question.
I've got
1) Android app where user has got auth token (say from GoogleAuthUtil)
2) Google AppEngine app which provides custom REST API
Question
Is there any way to use token (got on Android side) to authenticate against AppEngine application? On the AppEngine side I just need to verify e-mail of the user
P.S. I don't want to use Endpoints since they don't support custom domains
For those who will be interested - here is the result of my research on what is the best way to authenticate against AppEngine app
I ended up with solution described in this brilliant article by #Tim Bray.
The solution has following advantages:
1) It works for local testing
2) There is no limitations on domain (Endpoints don't support custom domains)
3) If you have custom REST API you just need to add token verification (other code stays as it is)
4) It utilizes Google OAuth mechanism implementation, so I consider it as one of recommended methods
5) It's really easy to implement
I want to integrate Twitter with my Android application. Can I do this using OAuth 2.0?
I have searched the internet but couldn't find any good explanation regarding this. If anyone has done this before, can you please guide me through this. I saw in a old post here that Twitter doesn't support OAuth 2.0.
Basically, no, Twitter still uses OAuth 1.0a for most parts of their backend. Since march however, they support the OAuth 2 client credentials flow for application-only authentication.
This means, if you:
have an application that only shows tweets from other users or stuff like that, you can get authorized using OAuth 2.
want any users to use your app to post tweets or do anything else on a user's behalf, you have to struggle with OAuth 1.0a.
You should check out the Twitter4J library, which abstracts most of the OAuth 1 hassle away from you.
This might be of interest:
"... we're releasing our application-only authentication scheme, based
on the OAuth 2.0 client credentials flow."
Posted to dev.twitter 2013-03-11 https://dev.twitter.com/blog/application-only-authentication (current: https://blog.twitter.com/developer/en_us/a/2013/application-only-authentication.html)
Users of my Rails app can authenticate in one of these 2 manners:
Using their Facebook account
Using our own authentication
I'm using Facebook SDK on Android and devise and omniauth on Rails.
How do I authenticate against my Rails app on Android so I can then fetch the information I need from the server?
NB: I've noticed this question is getting a fair amount of views recently. Please don't follow the advice given in this thread too closely -- the web moves fast and it dates from 3 years ago!
This can be done using the fb_graph gem (not fbgraph!).
You can just add it to your gemfile and do
user = FbGraph::User.me(token).fetch
where token is the oauth token you got by using, for example, the Facebook SDK on Android.
user.email will be the user's email address (if you set up the necessary permissions).
You can use this URL for testing:
https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=https://www.facebook.com/connect/login_success.html&response_type=token
That totally depends on how your authentication system works. You will need to create an API on your server to handle communication from the Android app and pass information between both using the API.
Niraj Shah is completely right, though the answer might not be detailed enough for you. For an in-depth answer to your question, have a look at Securing an API railscast by Ryan Bates that has been released only recently. It covers HTTP Basic Auth.
You might also want to have a look at the more advanced option to secure your API / provide registered users access to their data. There's a railscast about this one as well here: http://railscasts.com/episodes/353-oauth-with-doorkeeper - though it's a pro episode, so you need to sign up for it in order to watch it.
Francisco, I have the exact same need.
The devise scenario using token_authenticatable seems straightforward and shouldn't be a problem but I'm not sure the best way to handle the Facebook scenario. On the web side, for FB auth I'm using omniauth-facebook as documented here: https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview. I think this uses OAuth with FB as a provider so it's a good possibility that the latest RailsCast about doorkeeper securing an API with OAuth should do the trick. I haven't tried it yet but will do so soon unless you beat me to it. Here is the link: http://railscasts.com/episodes/353-oauth-with-doorkeeper.
In android how can I authenticate the user by Gmail account. Is their any api or support available for android.
Thanks...
Yes, you can use OAuth in Android. There's a fairly detailed post on this:
OAuth in Android using the Google APIs Client Library for Java
There are also two other Java libraries that you might consider for this purpose:
Scribe Java API (also supports using several other identity providers)
OAuth Signpost
Are you asking how to authenticate user in your android app?
You can create a gmail client to authenticate user based on their gmail a/c but This is a unsupported in android sdk.
Take a look at my answer here: https://stackoverflow.com/a/10245999/350691
Hope it helps!