Is there any way to have authenticated Google Endpoints in an android app using GoogleApiClient without being forced to have GET_ACCOUNTS permission?
Android 23+ with new runtime permissions will then ask the user for the undesirable READ_CONTACTS permission. It seems strange that all android apps with Google Endpoints would now require READ_CONTACTS permission.
The closest StackOverflow question I can find is this , but it claims that it may only work for a very limited time. This Google post provides some guidance using tokens, but not for Endpoints.
I finnaly found the solution. I updated the answer on the question you mentioned .
To avoid the 1 hour token limitation, use GoogleSignInApi.silentSignIn() to get a new token before every call you make to your endpoint. For example if you are not in the UI thread:
GoogleSignInOptions options = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN).requestEmail()
.requestIdToken(CLIENT_ID)
.build();
GoogleSignInClient client = GoogleSignIn.getClient(context, options);
GoogleSignInAccount user = Tasks.await(getGoogleSignInClient(context).silentSignIn());
// Use the new user token as before
GoogleCredential credential = new GoogleCredential.Builder().setTransport(new NetHttpTransport())
.setJsonFactory(JacksonFactory.getDefaultInstance())
.build();
credential.setAccessToken(user.getIdToken());
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.