I have taken up an assignment for a website and I am creating an android app for them. I am new to android programming and also new to web programming (using xml, http post and get, etc.).
My doubt is a basic one. I am trying to create the login page for this website and I don't know if the url of the website is sufficient or I need some other data such as the website's server address. And if I do need the web server address, is there a way to obtain this from my browser? Or do I ask the people who made the website itself for this?
P.S. I apologize if this is a very basic doubt. Bear with me. I am a beginner.
I am not an android application expert but I think you would need to get details about the following :
How to pass authentication details to server, for example if you need to get a SAML token from any of the ID servers? Or is it just sending out the plain username and password.
Just the website url may not be enough.
Please have a look at the weblink for authenticating against openID or SAML technologies
https://developers.google.com/accounts/docs/MobileApps
It depends on how the website is structured. Is there some kind of API for the website? If so use that. Otherwise you'll have to post the data to the same page the data gets POSTed to through a browser and find some way to catch an error or success. This method is not preferred. Also there may be some kind of central authentication server (Such as LDAP or AD) If so you would have to interface directly with that.
Related
I am making a desktop application for Reddit in Java. I want to let users log in to their Reddit account via my application so that they can do things on Reddit. I know that I need to get access tokens and whatnot but I don't know how to go through the process of doing that. Whenever I have accessed the API previously, it has been in Python using PRAW, so I would manually enter in the client id and client secret - obviously I can't be doing this for a professional application. I'd appreciate it if anyone would guide me through the process of authenticating the user and how to receive and use the access token.
You have to use oauth apis. There is a sample integration for reddit. https://www.e4developer.com/2018/11/04/reddit-api-authentication-with-java-spring/
also there are developer guide for oauth in reddit page
https://reddit.com/dev/api/oauth
Reddit github page have good documentation
https://github.com/reddit-archive/reddit/wiki/OAuth2
I'm coding a website for a client as well as an app that mirrors the site. Does anyone have a good understanding on how to implement users created on the Joomla site and use that same database on an App for android? The app and site will allow users to change and add new data and the data must be current on the site and the app.
Thanks.
There is Hoicoi Api in JED,
its an extension that retrieve data or user authentication from Joomla! site and converted all information into JSON format. Never tried it but I think it could help you to get started via the user authentication.
I spent a lot of time looking for any clarifications about using oAuth with FB and Twitter.
I have to do application which will be using access_token. This token will be used also on diffrent devices to access user account via API.
When I'm looking for "how to use access_token" I only finding "how to get token".
If I something miss reading documentation please let me know, especially where is example - how to use this token on other devices to access API to send eg. post.
I have found Twiiter4j and Facebook4j these libs helped me... I've got this access_token and now what next, how connect to API... I know that it's no possible to get access to Twiiter API - ok, but what about FB and "client side"
please help.
Oauth can be complicated so let me try to explain it simply.
User visits your website
Your website checks if it has seen this visitor before (usually with a cookie)
If not, send them to FB/Twitter/Whatever's oauth url. In that redirect, we tell FB/Twitter/Whatever that we're going to need x,y,z permissions (access a users timeline, see a users friends, etc). We also tell FB/Twitter/Whatever that when the user says ok, send them back to www.myurl... Finally, we take everything in this request and "encrypt" it, to prove it's really our site asking. The key to this is only saved on our backend, so the frontend (javascript/html) never sees it.
FB/Twitter/Whatever sees the request. They also see the "encryped" form of the requests. Fb/Twitter/Whatever knows this key too (they gave it to us, it's usually called the "secret" when you're configuring your oauth) They can verify it's really your backend asking for permission.
If the user agrees, we get a token. We store that token (on our backend, php, java, ruby, etc) and remember it belongs to that user.
The main thing to stress here is that in order to do the oauth handshake, you need a secret key that you never output to the browser. That means you'll need to implement part of this on your backend. You've tagged this with java so maybe that means you're using java as your backend, maybe with Google app engine or something. You'll need to find the oauth library for that, and work it out from there.
You can't create the oauth handshake only with frontend code.
I'm trying to develop an android app which needs to fetch information from a servlet hosted in my Java EE application server.
To access this servlet, I need to be first authenticated with the Application server. I searched the web to get information on how exactly this works. During authentication how dows the android app store the cookie, and then how does it transfers the cookie to the server for every request?
I got some bits and pieces of information about HttpClient. I'm not sure if this is the correct one which I should be using. It will be a great help if someone could guide me. If there are any documents available please share with me.
Maybe the HttpUrlConnection documentation page is what you are looking for?
I am assuming this is native app, if so, first you need to authenticate and get the cookie. It would be your responsibility to store the cookie some where and pass it in sussequent http calls. If it is not native, I am not sure how it works.
I am working with a small webpage using java and servlets. From my webpage I want to open a third party website without showing its login page. I mean to say authenticating it from Java and entering its home page. Can anyone help me with it?
You have to distinguish between the server (your app) and the client (the browser). Even if you (the server) would authenticate successfully, the client still wouldn't be authenticated, as you have no way to pass the authentication data to the client (cookie restrictions etc.).
So what you could do is read the HTML data of the foreign site on your server and stream it out to your client. But the performance would be miserable, you would have to rewrite every single link on the pages and most of all: you would probably violate copyright laws. Don't do it!
I don't think there is a sane solution for you, unless the author of the other site agrees on a shared authentication mechanism with you.