我可以使用Android的AccountManager获取AppEngine的OAuth访问令牌吗?
[英]Can I use Android's AccountManager for getting OAuth access token for AppEngine?
问题描述
I have Android client to my AppEngine server, both using Google Accounts. 
我有Android客户端到我的AppEngine服务器,都使用Google帐户。 I would like to use AccountManager for getting accessToken for OAuth. 我想使用AccountManager获取OAuth的accessToken 。 So far I'm using ClientLogin, but I would like to switch to OAuth. 到目前为止,我正在使用ClientLogin,但我想切换到OAuth。
Setting up OAuth on AppEngine is easy - I followed this article . 在AppEngine上设置OAuth很简单 - 我遵循了这篇文章 。 But the client side is a mystery, in particular I don't know what to use for scope, in AccountManager terms authTokenType . 但客户端是一个谜,特别是我不知道用于范围的内容,在AccountManager术语authTokenType中 。 For ClientLogin, I'm using "ah" for authTokenType . 对于ClientLogin,我使用“ah”表示authTokenType 。 But what about OAuth? 但OAuth呢?
2 个解决方案
解决方案1
10 已采纳 2012-09-27 17:16:13
As of today you can use Google Play Services API on android to do Oauth 2.0 authentication on android. 截至今天,您可以在Android上使用Google Play Services API在Android上进行Oauth 2.0身份验证。 You could then use the method described by @nivco to get the userinfo on appengine. 然后,您可以使用@nivco描述的方法获取appengine上的userinfo。 I have not done this yet, but I plan tp do exactly what your talking about. 我还没有这样做,但我计划完全按照你的说法去做。
https://developers.google.com/android/google-play-services/authentication https://developers.google.com/android/google-play-services/authentication
解决方案2
6 2012-05-05 01:07:59
I'm not sure what you are trying to do is possible through the App Engine OAuthService used in the article you are referring to. 我不确定您要通过您所指的文章中使用的App Engine OAuthService来做什么。 Also it is stated that AppEngine OAuthService only supports OAuth 1 but Android only supports OAuth 2 :) so you are screwed. 另外,据说AppEngine OAuthService仅支持OAuth 1,但Android仅支持OAuth 2 :)所以你搞砸了。
If you want to do cross Android - App Engine authentication, what I would do is: 如果你想跨Android - App Engine身份验证,我会做的是:
- In Android: get an access token for the UserInfo API (scope =
https://www.googleapis.com/auth/userinfo.emailandhttps://www.googleapis.com/auth/userinfo.profile) from the AccountManager.在Android中:从AccountManager获取UserInfo API的访问令牌(范围= https://www.googleapis.com/auth/userinfo.email和https://www.googleapis.com/auth/userinfo.profile)。 - Pass the access token to App Engine in a URL param of the request you are making from Android to AppEngine (make sure you use HTTPS to avoid interception!). 在从Android到AppEngine的请求的URL参数中将访问令牌传递给App Engine(确保使用HTTPS以避免拦截!)。
- On the App Engine side: use the access token to read the user's identity using the UserInfo API . 在App Engine端:使用访问令牌使用UserInfo API读取用户的身份。 This is basically using OpenID Connect! 这基本上是使用OpenID Connect!
- Then you can use the information you got from the UserInfo API to authenticate the user. 然后,您可以使用从UserInfo API获取的信息来验证用户身份。 The email and the user ID you'll get from the UserInfo API is equivalent to the email and user ID you would get from the AppEngine's UserService => you can trust it! 您将从UserInfo API获得的电子邮件和用户ID等同于您从AppEngine的UserService获得的电子邮件和用户ID =>您可以信任它!
PS: I described getting OAuth 2 tokens using the Android AccountManager in this article . PS:我在本文中描述了使用Android AccountManager获取OAuth 2令牌。 It was written pre-Ice Cream Sandwich but I'm hopping it is still valid. 它写在冰淇淋三明治之前,但我跳的它仍然有效。 Basically the authTokenType needs to be oauth2:{scopes} , so for instance oauth2:https://www.googleapis.com/auth/tasks for the Tasks API. 基本上authTokenType需要是oauth2:{scopes} ,因此例如oauth2:https://www.googleapis.com/auth/tasks用于任务API。 There might be some better ways to do this now. 现在可能有更好的方法可以做到这一点。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.