I was wondering if anyone knows of a way I can Authenticate a Google Apps User in a Android Application?
One approach I know of is to take could take their username and password in a android view, and use the clientLogin interface (http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html).
However I was wondering if there was a different approach, maybe pushing to a browser window where it would show the google login for that domain, but I would not know how to get the details back to the application, after the authentication is done.
Any ideas on how it would be done?
I wrote up how to get a google auth token from android (works fine in any java really) so you can call app engine hosted web services as an authenticated google user:
http://javagwt.blogspot.com/2009/12/authenticating-android-app-to-google.html
hope this helps
You could also try using OAuth. It's supported by Google Apps, and has a Java client library.
Related
Our Android app is a minimal wrapper around our mobile-friendly website. This is by design.
Google OAuth is one means by which users can authenticate. With the announcement that WebView's will be blocked from Google OAuth, we are now looking at how to move forward.
My current plan is:
Use a JavascriptInterface to invoke native code when someone clicks on the web app's Sign in With Google button
Use Google Sign In to authenticate the user on the mobile app side.
Somehow send this authentication to the web server. Should I just redirect the user to the existing oauth callback URL?
Step 3 is where I'm not sure what the best approach is. It's a Ruby on Rails application using Omniauth.
Are there any examples of integrating Google Sign In with an almost entirely WebView-based application? Is this approach the right way to go about it?
The solution described in Authenticate with a backend server sounds just like what you want to do in step 3, though without using the OAuth callback URL.
Unfortunately, I could not find any reference on how to use it with OmniAuth.
I'm working on a mobile app specifically for students at my university. Our school's web portal uses WordPress (or at least the login page is /wp-login.php).
Is there a way to send the user's browser to the login page and then send them back to the app with a confirmation that they were able to sign in? Or even better, include their username? I've tried a bunch of different Google searches, but most of what I've found requires installing/configuring plugins in the WordPress install, but that's not an option, since I'm just a student.
Thank you!
Well, since the site is not hosted at WordPress.com, you will have to implement your own API Endpoint for your Single Sign-On procedure.
But first contact the site's admin or developer/s and find out if they have already implemented such a mechanism.
If they haven't you can see here how to create an API Endpoint in WordPress, that your mobile application will use to authenticate users.
You can find more information here.
If your university's site does not support the functionality and they are not willing to implement it, I 'm afraid that you cannot do anything...
In my android application I am trying to build an array of login credential methods for the user. The user should be able to login using their google, facebook, outlook and twitter (etc...) credentials. I am not sure if there is an easy way to do this but currently I am looking up the API for each one of the mentioned services and researching how to use their authentication method and gaining access to services like contacts for invitation purposes.
I am having a hard time finding any resources for outlook authentication and services. If anyone can point me in the right direction I would appreciate it very much!
you can try Socialauth-Android:
The API enables user authentication and sharing updates through different various social networks and hides all the intricacies of generating signatures & token, doing security handshakes and provide an easy mechanism to build cool social apps.
Is there a way to implement oAuth flow without actually launching browser or even a webview on android?
What I want to show is a native Popup which asks user credentials and then supply it to oAuth provider.
Strictly speaking no, the main idea with OAuth is that you should never handle the user's credentials in any way.
But it depends on the provider. Twitter for example uses their own invention xAuth where you send the username and password in exchange for an access token. Twitter only allows this for applications that can motivate that need very well though.
So check with the API provider if it is possible in some way.
Recently i did some research regarding implement oAuth without using browser or webview. Nowadays some platform already has native way by using their SDK like google: https://developers.google.com/identity/sign-in/android/, linkedin : https://developer.linkedin.com/docs/android-sdk-auth#. You can search for other platform too.
Another chance i see is by using google "Firebase" : https://firebase.google.com/docs/auth/. Even though i am not yet really try to implement it, as my understanding we can create our own custom input on HTML and pass it to their Javascript oAuth SDK to do credential login transaction. Just my guess we can do it with android native interface too.
Any correction are very welcome. Thanks.
Users of my Rails app can authenticate in one of these 2 manners:
Using their Facebook account
Using our own authentication
I'm using Facebook SDK on Android and devise and omniauth on Rails.
How do I authenticate against my Rails app on Android so I can then fetch the information I need from the server?
NB: I've noticed this question is getting a fair amount of views recently. Please don't follow the advice given in this thread too closely -- the web moves fast and it dates from 3 years ago!
This can be done using the fb_graph gem (not fbgraph!).
You can just add it to your gemfile and do
user = FbGraph::User.me(token).fetch
where token is the oauth token you got by using, for example, the Facebook SDK on Android.
user.email will be the user's email address (if you set up the necessary permissions).
You can use this URL for testing:
https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=https://www.facebook.com/connect/login_success.html&response_type=token
That totally depends on how your authentication system works. You will need to create an API on your server to handle communication from the Android app and pass information between both using the API.
Niraj Shah is completely right, though the answer might not be detailed enough for you. For an in-depth answer to your question, have a look at Securing an API railscast by Ryan Bates that has been released only recently. It covers HTTP Basic Auth.
You might also want to have a look at the more advanced option to secure your API / provide registered users access to their data. There's a railscast about this one as well here: http://railscasts.com/episodes/353-oauth-with-doorkeeper - though it's a pro episode, so you need to sign up for it in order to watch it.
Francisco, I have the exact same need.
The devise scenario using token_authenticatable seems straightforward and shouldn't be a problem but I'm not sure the best way to handle the Facebook scenario. On the web side, for FB auth I'm using omniauth-facebook as documented here: https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview. I think this uses OAuth with FB as a provider so it's a good possibility that the latest RailsCast about doorkeeper securing an API with OAuth should do the trick. I haven't tried it yet but will do so soon unless you beat me to it. Here is the link: http://railscasts.com/episodes/353-oauth-with-doorkeeper.