if this is a duplicate, sorry i tried looking though
ive read the docs at google about authentication options for app engine
if im using just simple POST 'protocol' between android and gae,
i can obviously authenticate my POST's to make sure they came from 'account holders'
but what stops someone signing up, logging in or sending posts outside my app ?
is there some seed/signature in my android app that 'says', "hey this is communication coming specifically from my android app" ?
thanks
There is not real way to stop someone from impersonating your client, almost every digital method that you can think of cab be replicated to other digital device.
The question that you need to ask yourself is why do you care that the client is not a "real" client.
Related
hi everyone i'm beginner to the android. I'm developing a android application for a website, in which i need to update the notifications. But i don't know how the notifications will be reached to the users. Can any one please explain how the functionality will goes on and how i can send the notifications to the users.
Thanks in Advance.
For this you can use google cloud messaging (GCM) for beginner it is easy to set up.
Follow this LINK
Once you are done with the Set Up then follow link for sending notification from server to client.
And this link for client request to application.
I hope this helps you out.
I would recommend you go through the mentioned link, its an open source project which has implementation for notification handling you are looking after.
Putting it here so that anyone else can also leverage.
https://www.openhub.net/p/google-cloud-messaging--titanium-
I'm a beginner learning android app development.
I have a requirement for a user to be able to Read messages (just the body content - text only) from a Gmail account (Read-only mail extraction?) and save the email content within the app.
I don't need to retrieve messages when the user is not actively using the app.
The app and SQLite database I am building sits on the phones internal local storage. I do not have a backend server.
I have looked at the Gmail API tutorial here: https://developers.google.com/gmail/api/guides/
As I understand, I need to use the Gmail API and ensure that a user of my app can authenticate as a Gmail user.
Is anyone able to advise:
1) if this is feasible to do without a back end server?
2) any tutorials as to how to approach this, or would you recommend just working through the material I listed above?
3) (I understand this is highly subjective) how substantial a task this is to undertake for a learner (This is an educational project, so I am limited by time - if it takes me more than 3-4 days I will run out of time!) An idea as to how long it might take someone who is experienced would help me to grasp the scale of the task.
Google uses Oauth2 to authenticate and track applications connected with a user's account. You will need to get a security key for app from google. Because you do not have server, you will want to get a client only key and not the service key. You can get the client key by going to the Google API Console. For help about how to let the user sign-in to their account you can look at this Android tutorials here. After you get the google sign-in working you can continue on to getting the Gmail messages.
It may seem like a complicated process, but you should be able to have in working in a short amount of time if you go through the tutorials on Google's developer's site. I got a similar app working in only about an hour. To add a nice user interface will take longer, but thats up to you.
The application I'm creating is supposed to allow client to send some feedback to server, so I make a simple httprequest with my feedback and other information in it, but I wanna make sure that request can only come my application, the rest should be rejected. So what are my choices?
Thank you for your helpful directions in advance.
P.s: I'm not asking for code, just the best practice.
I have looked for the same thing and what is possible is to force the app users to sign in with their Google account and then you can get verification via tokens that the call came from your app as described here:https://developers.google.com/identity/sign-in/android/backend-auth
That there isn't an option without having users sign in is disappointing.
I have a web base email client that uses a java app to connect to IMAP and POP3 servers to download email. There is an issue that if a user usually logs in form the US that the java app will not have access to collect emails until that user logs in from the same county the java app is running.
I was told to overcome this to use google oAuth in order for the account user to give permission to my app to collect emails. Is this correct? Once this has been accomplished I would also like to the the API to import contacts, but for now authorization/authentication is sufficient.
The problem I am facing is that after trying to make heads a or tails of the google oAuth api documentation im really confused and did not yet manage to make a working example. Documentation often has links to a depreciated API and there is no example with a dowload link to both the API needed and exaple source code, as a result I think im using incorrect libraries for my examples.
Its also not clear to me what/how to accomplish what is needed do I use client authentication via javascript to create a popup whereby the user grants access?
Or do I use installed app client with a token and secret, this is what I tried but the 'command line' example I tried requires Java EE and this is a native app so I dont see why and I dont want to import all Java EE libraries to my small email downloader app.
Where can I find more intuitive documentation and working examples on this?
If you stay away from OpenID 2 and OAuth 1, I think the docs are pretty orderly these days. The best place to start is https://developers.google.com/accounts/docs/OAuth2
I'm working on connecting an android app in Java with google app engine. This is my first time doing it. I watched and did the same thing that it was done in this video:
http://www.youtube.com/watch?v=M7SxNNC429U
I have been working and I'm getting the same problem. When creating the project and running it, it runs but it shows me a message that I have to create/add an account, I already register it when creating the project. When I enter my gmail account info it shows me a message saying: "Can not connect with the server". I'm not sure what it is happening, please a ed help on it, thanks for you time and patience.
Careful C2DM is deprecated in favor of Google Cloud Messaging and the latest Google plugin doesn't have the wizard for creating a App engine connected android project
That video is awesome, but there's some useful documentation for AppEngine Connected Android apps too. Specifically in the Creating A New Project section, it explicitly states,
Important: You must sign up for a C2DM account using the same Google account that you use for the Android application you are developing and for the GPE plugin.
You can go back and edit things later so that the account you're logging into the app with is separate from the role account being used for C2DM. But for the code generated by the plugin, they have to be the same account. Also, don't forget you actually have to sign up for C2DM, as it isn't enabled in all accounts by default.