I would like to write a custom authenticator for Android. I found this nice tutorial to do it, but instead of using Parse as authentication server, I want to use Google App Engine:
http://udinic.wordpress.com/2013/04/24/write-your-own-android-authenticator/
The problem is that I couldn’t find the way to do it. Do you know if that is possible?
All I can find is how to implement authentication using a Google account, but I’d rather prefer to allow users to use any email account.
Thanks.
You have plenty of choices, the first ones that come to mind:
You can use 3rd party OAuth providers which not all email providers are.
Implemment and use your own Authenticator.
(Recommended) Since you are not accessing user data through OAuth just implement a standard user/password authentication method using endpoints and secure the API using your android's app SHA fingersprint, as explained here
Related
I tried to login via selenium to google account and get stuck
I know that we need to put some settings todo it
I tried:
Look
But it doesn't help me
Any ideas?
This is a very bad approach and you shouldn't be automating them. It's not recommended to use WebDriver to log into these types of sites. It's against the usage terms, and it's slow and unreliable.
Still if you want to do, please find the below reference Link:
https://www.tutorialspoint.com/how-to-automate-gmail-login-process-using-selenium-webdriver-in-java
https://www.edureka.co/community/2137/automate-gmail-login-process-using-selenium-webdriver-java
Better Approach:
The best approach is to use the JAVA Mailer API or GMAIL API.
The best to use the APIs that email providers offer or, in the case of Facebook, the developer tools service that exposes an API for creating test accounts. (The Gmail API is here.)
Ref:
JAVA Mailer API:
https://www.tutorialspoint.com/javamail_api/javamail_api_checking_emails.htm
Gmail API:
https://developers.google.com/gmail/api
In the Google Account Help page they say:
https://support.google.com/accounts/answer/7675428?co=GENIE.Platform%3DAndroid&hl=en
I'm trying to set up Microsoft Translation API (part of MS Cognitive Services) in my Android app (using Java). I'm relatively new to Android programming and authentication methods, and I'm a bit confused with the those ones.
When I registered for an Azure account I created an Azure Directory, then created an Android App in the portal, configured it and got my auth_config.json .
Well, when I checked the MS translator API docs I saw that I can use it through a GET request and the API key provided. But also I saw I can authenticate by using a token, and that's where I'm stuck.
I've searching for days and I cannot find a clear and concise tutorial/guide/docs to Authenticate (no user context) from my Android app in order to use MS translate API by using tokens.
I found this link but it's only applicable when users have to sign in.
Any help related to auth tokens flow and conceptual design of them is also welcomed, but the main question would be "How to authenticate an Android App (no user context) by using tokens for accessing an Azure API?"
Thanks.
It sounds like you are trying to create a native Android Application using Java to get an access token in order to utilize the MS Translator API. But you would like to flow to be non-interactive.
You shouldn't need to get an access token in order to utilize the MS Translator API. Per the documentation you will only need to get the translator keys and then you will be able to use the Translator REST API using the Translator key.
The Translator Getting Started on how to setup and get keys can be found here :
https://learn.microsoft.com/en-us/azure/cognitive-services/translator/translator-text-how-to-signup
And the documentation on how to use the Translator API in Java can be found here :
https://learn.microsoft.com/en-ca/azure/cognitive-services/translator/quickstart-java-translate
In addition to that, I think it's important to understand the concepts of how to get access tokens from Microsoft for the future.
The v2.0(also referred to as converged) endpoint flows and explanation on how the authentication process works can be found here under "concepts > authentication > OAuth2 .... flow".
https://learn.microsoft.com/en-us/azure/active-directory/develop/authentication-scenarios
That being said, the MSAL library doesn't necessarily have all these flows implemented yet. To see more information on what MSAL libraries support what auth flows, you can find this information at the link here :
https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-authentication-flows
Unfortunately we don't support the non-interactive flow using the MSAL Android library yet. If you're interested in this feature please submit an issue against the MSAL Android Library here : https://github.com/AzureAD/microsoft-authentication-library-for-android/issues
And one of the engineers that handles the library will reach out and discuss it further.
All the Azure AD libraries have wikis that can be found on their respective github repos. The MSAL Android one can be found here : https://github.com/AzureAD/microsoft-authentication-library-for-android/wiki
Hopefully this has been helpful, and if you have anymore questions please leave a comment.
Essentially you won't need to use MSAL and you should be able to just use the translator key to make calls to the MS Translator API.
Background
I believe the recommended way to access Google services from Android is to use the Google APIs Client Library for Java (for some services play services is recommeneded too).
If you want to access your user's account, you use oauth2 to authenticate the user, but things seem less clear if you want to access your own services (eg. I want to access Google Cloud Storage belonging to my app engine project).
The problem with service accounts
What I see a lot of here is using service accounts, and I've used them server-side and found them to be a comparatively simple solution, but this requires you to deploy your private key so I don't think this could be right for public Android apps.
The solution: Public API access
If you go to the 'credentials' page of the cloud console:
https://console.developers.google.com/project/[your_project]/apiui/credential
it seems pretty clear that they expect you to use a 'public API access key' for the situation I'm describing. It appears that this is not OAUTH based.
I assume that I will still use the type 'GoogleCredential' for this, but in the documentation for the credential builder I don't see how to do this. The set client functions appear to relate to the oauth2 access (which uses client ID/secret).
The Question
How do I use the 'public API access' key to access Google services from an Android app.
Or, if I'm wrong about service accounts - and they really are the recommended solution, then please show me some evidence of this because it certainly apppears to me that they are not the right solution for publicly distributed apps.
The good news is that it's very much easier. You can either use a Service Account (ie. a brand new account dedicated to your app) or a regular account.
For a service account you embed the key in your app, for a regular account you embed a refresh token in your app. In both cases, be aware of the security risk and use the minimal scope necessary.
You can get a refresh token without writing any code by following the steps in How do I authorise an app (web or installed) without user intervention? (canonical ?)
I'm reading the Google Cloud Endpoints docs related to OAuth2 Security.
I assume this kind of security is against Google accounts.
Is there any support to have a custom User schema to authenticate against?
What I would like is to have client JS application which uses Google Cloud Endpoints but authenticate against local storage (App Engine) of users.
Is Google Clound Endpoints suitable for this or do I need to write my own Security mechanism?
My understanding of OAuth is:
An end point is implemented by a provider, so when an application such as yourself, authenticates a user such as myself, it returns a result.
Now the problem is if google's end points can return custom schema.
What you could do is, implement the functions, and change your DNS (/etc/conf) so that google's endpoints hit your localhost. In principal this will work, however in practice I am not sure I would do this myself, but perhaps you have your reasons.
So with AppEngine, I imagine there might be a class which overrides/implements this stuff. With the DNS rewrite trick, you should be able to get it to work.
If you do, please write about it, so it can help others.
The OAuth for Cloud Endpoints is Google accounts only. You would have to write your own.
Honestly, just use Google Accounts, user can even sign up for Google accounts with their own email address. In the future they will probably support Open ID with Endpoints as well.
Hey all, i want to integrate my Blackberry App with Twitter, and found that the way to do it is with OAuth. The problem I have is that i would like to do the verification of this from my server as to put less strain on the device, but I have no idea how to get the OAuth PIN from the server to be displayed on the device so the user can enter it, any ideas as to how i can do this? or an alternative ?
You can't. OAuth was designed such that only the service provider can provide authentication (so that the developers don't have to store their client passwords on their database servers and if the client changes their passwords, then it would have to be managed also on the developers side too). There is only one source of authentication and that's from the service provider (Twitter, in this case). Sharing of passwords is therefore eliminated.
OAuth doesn't work on PINs but rather using Request/Access Token. Follow the Beginners' Guide to OAuth and Twitter Developer's Auth Page to see how you can incorporate OAuth to Twitter. Just to give you an heads up, you will have to register your application to Twitter.
Update For Mobile and Desktop applications, rather go through Twitter's xAuth. Here's a documentation on how to register and use your application to use xAuth.
Twitter OAuth FAQ.