Android的验证与谷歌的OpenID。下一个是?Android、OpenID
我不是一个程序员,但我必须这样做我自己。我需要一些帮助。
I am not a programmer, but I need to do this myself. I need some help.
我一直在寻找的最后两天的解决方案,我找不到任何。
I have been looking for the solution for the last two days and I cannot find any.
确定。我写这封信Android原生应用程序。我的第一个目标是通过谷歌帐户(这是在手机上已设置)来实现登录的可能性。
Ok. I am writing Android Native App. My first goal is to achieve possibility of login through Google Account (which is already set on the phone).
所以我使用的AccountManager获得com.google账户,我正在一个身份验证令牌是这样的:
So I am using AccountManager to get the "com.google" account, I am getting an auth token this way:
Account[] mAccounts = mAccountManager.getAccountsByType("com.google");
AccountManagerFuture<Bundle> response =
mAccountManager.getAuthToken(mAccounts[0], "android", null, this, null, null);
Bundle authTokenBundle;
String authToken;
try {
authTokenBundle = response.getResult();
authToken = authTokenBundle.getString(AccountManager.KEY_AUTHTOKEN).toString();
} catch (OperationCanceledException e) {
Log.e(TAG, e.getMessage());
} catch (AuthenticatorException e) {
Log.e(TAG, e.getMessage());
} catch (IOException e) {
Log.e(TAG, e.getMessage());
}
和我的问题是 - 什么应该是我的下一个步骤?我如何进一步与此验证过程去?我应该如何使用此令牌?
And my question is - what should be my next step? How I can go further with this authentication process? How should I use this token?
我已经发现了一些资源,但大部分都是使用OAuth或者是基于Web的。我只需要验证和(如果可能)获取用户名(我已经有电子邮件地址),我不需要访问任何谷歌服务。
I have found some resources, but most of them are using OAuth or are web-based. I only need to authenticate and (if it is possible) get the name of the user (I already have the e-mail address), I don't need to access any Google services.
感谢你在前进。
推荐答案
事实上,OAuth的2是你想要的,而不是OpenID的 - OpenID是本质上基于Web的,因此你需要跳通过一些箍与的WebView 或浏览器。的OAuth 2,您可以使用该令牌的AccountManager与谷歌的API直接从应用程序。
Actually, OAuth 2 is what you want, rather than OpenID -- OpenID is inherently web-based, so you'd need to jump through some hoops with WebView or the browser. OAuth 2 allows you to use the token from AccountManager with Google APIs right from the app.
在您的来电 getAuthToken()的 authTokenType 参数是的OAuth 2的范围,要为 userinfo.profile 和 userinfo.email 验证的电子邮件地址(你已经拥有它,但是你有没有验证它;它在理论上是伪造的),并得到用户的名称
In your call to getAuthToken(), the authTokenType parameter is the OAuth 2 scope, which you want to be userinfo.profile and userinfo.email to authenticate the email address (you already have it, but you haven't verified it; it could in theory be spoofed) and to get the name of the user.
下面是我用什么的全部范围在类似的情况:
Here's what I use for the full scope in a similar situation:
private static final String OAUTH2_SCOPE =
"oauth2:" +
"https://www.googleapis.com/auth/userinfo.profile" +
" " +
"https://www.googleapis.com/auth/userinfo.email";
当然,你可以只使用整个字符串内联,但我preFER建立起来,是明确的,它可以更容易地后,如果需要更改。
Of course, you could just use the whole string literal inline, but I prefer to build it up and be clear, and it makes it easier to change later if necessary.
在我的情况,我用 getAuthTokenByFeatures(),是这样的:
In my case, I use getAuthTokenByFeatures(), something like this:
am.getAuthTokenByFeatures("com.google", OAUTH2_SCOPE, null, this, null, null,
new AccountManagerCallback<Bundle>()
{
public void run(AccountManagerFuture<Bundle> future) {
try {
Bundle bundle = future.getResult();
System.out.println("Got Bundle:\n" +
" act name: " +
bundle.getString(AccountManager.KEY_ACCOUNT_NAME) +
"\n act type: " +
bundle.getString(AccountManager.KEY_ACCOUNT_TYPE) +
"\n auth token: " +
bundle.getString(AccountManager.KEY_AUTHTOKEN));
} catch (Exception e) {
System.out.println("getAuthTokenByFeatures() cancelled or failed:");
e.printStackTrace();
}
}
}, null);
但可以采用同样的想法,你的code。然后,您可以使用与谷歌用户信息API OAuth的标记,如描述使用OAuth 2.0登录来验证电子邮件并获取该用户的名称。
but you can apply the same idea to your code. You can then use the OAuth token with Google User Info API, as described in Using OAuth 2.0 for Login to verify the email and get the user's name.
