I'm completely new to Android development and would like to find out if the following is at all possible, and the best way to approach it:
User logs into Google account - NOT stored on the phone (OAuth??)
App displays their GMail emails - does not need to send, only receive/read
App can access their calendar and display events - again read only
That's all for the Google side of things! I've only ever used Facebook auth - so am unsure as to how Google works. I can't seem to find any definitive answers on the web.
Yes, this is all possible.
Use Google Play services to get an OAuth 2 access token for the Google APIs. For GMail IMAP and read-only Calendar API access you will need to state these scopes:
https://mail.google.com/
https://www.googleapis.com/auth/calendar.readonly
Use some IMAP library for Android using your OAuth 2 access token (e.g. JavaMail, check out this Android JavaMail tutorial and Google's sample for using OAuth2 with JavaMail).
See the Calendar API documentation for how to access the user's calendar.
You can register a web application that uses OAuth to log onto google.
https://developers.google.com/accounts/docs/OAuth
then you can use GMail API's to use the OAuth token to access user's email
https://developers.google.com/google-apps/gmail/oauth_overview
then for calendar you have the Google Calendar API's also accessed using OAuth.
https://developers.google.com/google-apps/calendar/
You can create a web app and use your android app to access your web server database via API's you create. Using this data you provide a nice GUI for your android users and provide user interactions.
Another method would be to use only the android client without a web app as mentioned by Jan Gerlinger.
You can also check out the source code for k-9 mail app for ideas here:
https://github.com/k9mail/k-9
It's a full-featured, open source android email client that supports many protocols including IMAP, SMTP and Microsoft Exchange accounts too. You can dig through the source code to find out how they do it.
Related
I have created the gRPC binding for the embedded_assistant.proto and now need to authenticate with Google Assistant SDK before I could send and receive data.
I have followed this guide but I am confused as to how do I authenticate with the OAuth file (client_secret_client-id.json) I've created.
Could somebody provide some example code to authenticate with the Google Assistant SDK?
Also, if possible could you also provide sample code on how to send a simple request from the user and get a response back from the Google Assistant after the Authentication process is setup?
You can look at how authentication is done in the example Android app for the Google Speech API, which should be much the same as needed for calling the Assistant API: https://github.com/GoogleCloudPlatform/android-docs-samples/tree/master/speech/Speech#set-up-to-authenticate-with-your-projects-credentials
Note: as described in the link, you would only want to use the client secret .json file for test Android apps, as this file should not be shipped in a released application. Some Google APIs support API key access from mobile devices, but this is method generally discouraged and not currently available for the Assistant API.
I am trying to make an android app to get my VSO items.
I am following the documentation here for the OAuth flow https://www.visualstudio.com/en-us/docs/integrate/get-started/auth/oauth
The authorisation and authentication calls require a redirect_uri to be passed in the POST requests. What would be that value for an Android app?
The URL must be secured as per VSTS guidelenes.
Based on Authorize access to REST APIs with OAuth 2.0 article:
Q: Can I use OAuth with my phone app? A: No. Right now, Visual Studio
Team Services only support the web server flow, so there's no
supported way to implement OAuth for Visual Studio Team Services from
an app like a phone app, since there's no way to securely store the
app secret.
The workaround is that you can build a web app, then send the request to that web app from your Android app to retrieve necessary data.
Update:
If you can use Personal Access Token or Alternate authentication credentials, you can use it on your android app directly. (Can't access account and profile information)
In my app my cloud services are provided by google drive (formely google docs)
to interact with google docs I use this library:
http://code.google.com/p/google-api-java-client/
It works great but requires that the device has the Google Apis on it and a google account set up
Is there any other way to authenticate on google docs without using this library?
Or do I have to migrate my cloud provider to Dropbox?
Thank you
Your best bet is to use OAuth 2.0 using the Client-side flow which is designed (partly) for mobile devices.
Basically what you'll have to do is use a Web View and redirect your users to the OAuth 2.0 grant page and then after they have granted you access to their data you simply:
Catch the auth code inside the web view
Close the web view
Exchange the auth code for a refresh and an access token
Keep the refresh token in your local database because it gives you unlimited access to the API => no need to trigger Auth flows any more.
That's it! With the newly acquired OAuth 2.0 Access Token and Refresh Token you've got all you need to access the user's Drive data on their behalf and use the API. You've circumvented the Android Account Manager.
There might even be some OAuth 2.0 / Web View client libraries available somewhere for Android, that would help a lot.
PS: this technique is widely used, for instance on iOS if you use the Facebook library, it will first check if there is the Facebook app installed. If the Facebook app is not installed it will use OAuth 2 and the Web View technique automatically. Google's Objective-C client library also uses that technique (as I've heard, never used it).
I'm currently trying to write a task manager in android which syncs with google tasks. The app uses google client API along with AccountManager to communicate with google servers. It works under android. However, I want to run it under android player on Blackberry playbook. Although the .apk file converts to a blackberry application, it seems that AccountManager does not work under playbook android player as it is not tied to a google account. I'm finding it difficult to communicate with the google servers without the account manager. I've tried adding an account manually to the AccountManager but it also throws a security exception. I'm curious if there is any other way to log into google services given an username and password (along with the API key for access)? Thanks
The AccountManager and the Google Play Services that both allow you to go through an OAuth 2.0 authorization flow with a native experience on Android (for Google APIs only) are only available on Google Experience devices. The Android Emulator of the Blackberry Playbook is likely not a Google Experience environment.
So in that case the best way is to implement an OAuth 2.0 flow by using a WebView. This is also the technique you need to use for non-Google APIs (Facebook, Microsoft, Salesforce, Dailymotion, ...)
Basically you will have to send your new users to a special URL in a WebView where Google (or the other OAuth 2 provider) will ask them to grand you access to the APIs requested. Then you will need to extract the auth code from the URL or from the content of the page once it has been generated and returned by Google auth servers. The last step is to exchange that auth code for a refresh and an access token.
You need to read and understand how OAuth 2.0 authorization flow works for Installed application: https://developers.google.com/accounts/docs/OAuth2#installed
The step by step process to do OAuth 2.0 with a WebView on Android is as follow:
Redirect Users to the grant screen URL in an embeded WebView
Use http://localhost as the redirect URI
Register a WebViewClient with an onPageStarted method to intercept page changes
Detect successful/failed authorization by detecting redirects to http://localhost and read the auth code from the URL of the WebView
Finish the OAuth 2 flow by exchanging the auth code for tokens and save these tokens in local database for further use
You can find an open-source sample that does this on Onavo's GitHub.
I'm writing an android program which must interact with google documents, so I have watched this sample, but it uses an AuthSub token. How can I get an AuthSub Token from an android app?
For accessing Google Docs or any other Google service (or any OAuth based service for that matter) you will need to find a way to do an OAuth based authentication, after which you can u get a secure token which you can use to access a service based on the users credentials.
There are some really good examples to get you started:
This is an example of getting AccountManager to work with a Google
service like Google Tasks, this shows you how to generate tokens and
then how to use them:
https://developers.google.com/google-apps/tasks/oauth-and-tasks-on-android
This is an in-depth look into how you can authenticate based on the
users Android credentials, has an example of how things work and how
the UI should be:
http://www.finalconcept.com.au/article/view/android-account-manager-step-by-step-2
For something specific to Google Docs have a look at
http://code.google.com/p/google-api-java-client/wiki/Android
http://code.google.com/p/gdata-java-client/source/browse/trunk/java/sample/docs/DocumentResumableUploadDemo.java