So I'll start from the beginning. I want to create an Android application and a server (written in java). The server will be written in Java. What I want to do is to be able to log in to my server from the Android application, using the Google account. After the device is logged in, there will be some information sharing with HTTP Requests. I want to use REST.
How should I proceed for achieving my goal? I guess I should use the Google API and Google App Engine. What should I do to implement the log in and the part in the server. It's first time for me writing a server and an application with log in, so any advises will be appreciated. The application is for educational purposes. Thanks in advance!
I would really suggest you give Google App Engine a try, specially combining it with Cloud endpoints which are designed to connect your server to clients like an Android App. Using endpoints you'll get cloud infrastructure + REST services + native libraries ( for Android, JS and iOS) and everything related to authentication is already sorted out (via OAuth).
App Engine can also be developed using Java and it's already integrated with popular IDEs like Eclipse (through the Google Plugin) and Android Studio (as backend modules) so you prbably have everything you need to star working on your App Engine server.
Use Google Play services (you don't need App Engine).
Here is the complete process with code samples: Authorizing with Google for REST APIs
Another option you can look at: Google+ Sign-in for Android
On the server side, once you have the auth token, you access the Google REST API with the username and token, and Google will tell you if the access is authorized.
I understand what you're trying to do. Your user already has a username and credentials on Google, why not just get the username and let Google do all the authentication?
However, you might want to re-think this approach.
The problem is that you will ask your user to sign in to Google and Google will ask the user (through logic in the Android API code) if your application can have access to their information in Google. Your users may balk at granting that kind of access to your application, and that will hamper your efforts to get people to use your app.
Now, if your app actually uses the Google REST APIs, then this would make more sense, because the auth token your app requests will provide access to a Google API.
But if all you're doing is authenticating, your users might be hesitant to authorize your app for some Google operation they don't think you need.
To get a feel for the OAuth 2.0 message flow, you can use this: OAuth 2.0 Playground
Related
I am trying to build an OAuth2.0 client (Authorization code flow) app communicating with the world of Microsoft, using Microsoft-Graph API. The goal is to do some proof of concept of getting the user's calendar data and also notifications when the user adds some events to the Outlook calendar.
It is a Java app so I am using Microsoft-Graph API's Java SDK, the problem is I couldn't find a proper multi-tenant tutorial using which I can cater to all MS identities including work/school/personal accounts. Most tutorials by MS are geared toward single-tenant in-house apps supposed to be used by users present in the same tenant wherein the app is registered. Any help shall be highly appreciated, Thanks!
Is there a way to authenticate a java desktop application with Slack using OAuth2? I am trying to follow Slack's guide.
I am getting stuck because it says you get the access token inside of the redirect uri of your application. But since the app I am making does not exist inside of the web browser, is there anyway I can do this?
Can my java application launch a localhost site that it can communicate with to use as the redirect uri? If so, how?
Desktop app as internal integration
Before we get into more details please note that there is an easy solution if you plan to use your desktop app for your own Slack workspace ONLY. In that case your app does not need to support the full Oauth work flow and you have two options:
Install your app as internal integration via the management page
of your Slack app and then copy & paste the token to your desktop app
Create a legacy token for your Slack workspace and then copy & paste to your desk (not recommended)
I also like to clarify upfront that your app only needs to run the Oauth process ONCE for installing it into a new Slack workspace. The resulting token has no expiration date and has not to be refrehed.
Desktop app for multiple Slack workspaces
If you plan to distribute your desktop app to multiple Slack workspaces you will need to support the full Oauth installation process.
Slack is using Oauth 2.0, so in principle all the standard answers from this older Oauth wiki article should work for Slack too.
However, since you can not assume that the local machines of your users are reachable from the Internet (e.g. redirecting back to a local web server will not work, since Slack will most likely not be able to reach it), you will need a web helper app that runs on a web server and is reachable from the Internet.
This web helper app is basically a small web site, which performs the complete Oauth dance for the installation process into a new Slack workspace. You app can open a browser window and redirect to the web helper app to start the login process. You then have two basic approaches how to handle the connect back to your desktop app:
Show the resulting token to the user and ask him to copy & paste it
to your desktop app (simple approach)
Store the resulting token in your web helper app and provide an API to your desktop app to fetch it automatically. (user-friendly approach)
If you are looking for a starting point for such a web helper app, take a look at this example PHP script for installing Slack apps.
I have enabled Google Drive API on Google Developer Console and created a service account credential which is bundled with a service account ID and key ID. Despite that I have tried various ways to manage my own Google Drive account, I could not find a solution which fits for my aim. I need to upload, download and delete the files stored in my own Google Drive. The application that I am going to connect Google Drive is a console one which will be solely used for an academic research.
it's pretty simple. The steps to achieve this are at How do I authorise an app (web or installed) without user intervention? (canonical ?)
Be careful about how securely the refresh token is being stored and what scopes you grant to the app.
I've been thinking about implementing of Google Play licence check on my Java server. Is that even possible? I haven't been able to find anything on this matter. I know Android LVL is written in Java, but I'm not sure if it can run outside of dalvik machine. Is there a posibillty of checking Google account name or some kind of device ID against Google Play to check whether an app has been bought in a Java server application?
The answer above is simply verifying response data (returned by google LVL on android device) on app server.
I think the question is asking if it's possible to call some google web API to do Google Play license check on its app server. But it seems like google doesn't open the web API interface to its licensing server, all LVL calls need to be done using its google play service framework on android device.
Yes it's possible, the java sources are out there and could be downloaded (and afaik, the jar is not dexed until you compile your application) - see some kind of manual over there at developers.android.com to read about how to get the sources
I've heard about a PHP project trying to attempt it, but using java should be no problem at all - you do the same things on the server, the manuals state for the client - and let the client sends the encrypted response from the market directly to the server via SSL (e.g. byte[] post)
You should get a UID from ResponseData.userId
Read some more in this blog post and more info and links in another SO answer
I am new to Android Application Development and know all the stuff, which is required to build an Application which can use the local resources (databases and all that stuff). I want to build an Application, which will interact with the Application server. And I chose Google App Engine as my Application server. As I am slightly new to this topic, I just want to know, what are the prerequisites for doing both client and server side programming.
I would require to store some data on Google App Engine and interact with the apps with reference to the same.
P.S. I have chosen Java as my language with Google App Engine.
I don't think that there is any prerequisites for using android with google app engine.
Google App Engine is a PAAS, u can write the server side and it should work irrespective of Android, iPhone or any other device. For data transfer you can use XML or JSON format, see this if u are interested in creating REST services.Create and Deploy a JAX-RS REST service on Google App Engine
For data transfer from server to android device, u can use Google Cloud Messaging Google Cloud Messaging for Android