3

Is there a way to request for offline access using the Google play services sdk on android? I know that the raw HTTP api has an option to do this by requesting for a refresh token, but couldn't find a way to do it via the new Google Play services sdk.

The new sdk gives the app an access token using the GoogleAuthUtil.getToken() method, but the access token expires every hour. I could make the raw http request and have the user sign in from a web view or the browser, but would prefer a way to do it natively using the sdk, since that is a much better experience for the user.

Wolfram Arnold
  • 7,159
  • 5
  • 44
  • 64
aarkay
  • 191
  • 1
  • 7

1 Answers1

1

Searching the Google docs near and far, it does look like that this is possible. Google calls this "Cross-client Identity" under its "Hybrid Apps" category.

You can apparently massage the string for the scope parameter you pass into GoogleAuthUtil.getToken(...) method to coax it into returning an "Authorization Code" rather than an OAuth2 Token. (For the difference between these, I've found this chart helpful.)

The details are here, specifically the last section titled "Android app obtains offline access for Web back-end".

It seems you'll need to pass in the following as "scope" string to getToken:

oauth2:server:client_id:<your_server_client_id>:api_scope:<scope_url_1> <scope_url_2> ...

The doc then claims this:

In this case, GoogleAuthUtil.getToken() will first require that the user has authorized this Project for access to the two scopes. Assuming this is OK, it will return, not an OAuth token, but a short-lived authorization code, which can be exchanged for an access token and a refresh token.

Disclaimer: I've not tried this myself yet; our Android developer will shortly. Please report if this is working for you.

Maksim
  • 16,635
  • 27
  • 94
  • 135
Wolfram Arnold
  • 7,159
  • 5
  • 44
  • 64