I'm making an app that should allow the user to register through its google account. I want to retrieve automatically as many profile infos as I can. I found this very interesting example, which would allow me to get many infos (see step 4 of that demo). Now, how do I use it on android? I saw many examples of how to get the authentication token with the AccountManager with Oauth2 (example), but I don't know what to do from there to make those calls and retrieve those infos. Also in that example the code is in javascript and I don't know how to port it properly to java...
I have already done the google dev console registration stuff.
Are Oauth2 and OpenID the same thing? If not, do I have to use either one OR the other?
Asked
Active
Viewed 1,460 times
1
-
1[This is an official doc about Getting Started with the Tasks API and OAuth 2.0 on Android](https://developers.google.com/google-apps/tasks/oauth-and-tasks-on-android) – Owen Cao May 19 '14 at 11:49
-
1[this is difference of OAuth2 and Open ID](http://stackoverflow.com/questions/1087031/whats-the-difference-between-openid-and-oauth) – Owen Cao May 19 '14 at 11:50
-
Thanks, those links were very useful. Now, sinc ethe example I linked (first link) uses OpenID, do I have to use it or can I use google's Oauth2? Can I jump to step 3 of the example and use the token I retrieve with android's AccountManager? – nonzaprej May 19 '14 at 14:20
2 Answers
3
Ok, done. As expected, I found all the infos in the docs, and using Google's Oauth2 Playground helped to understand what to send to https://www.googleapis.com/oauth2/v1/userinfo in order to receive the profile data.
In the end, it turns out we don't need to create a client ID in google's dev console to do this.
Now, to the code. The activity:
public class MainActivity extends Activity {
public Activity mContext;
private AccountManager accountManager;
private final String SCOPES = "oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile";
private String authToken;
private GetProfileDataTask googleTask;
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.your_layout);
mContext = this;
accountManager = AccountManager.get(mContext);
//other stuff here...
}
public void getProfileData() {
accountManager.getAuthTokenByFeatures(
"com.google",
SCOPES,
null, mContext, null, null,
new AccountManagerCallback<Bundle>() {
public void run(AccountManagerFuture<Bundle> future) {
try {
Bundle bundle = future.getResult();
//bundle.getString(AccountManager.KEY_ACCOUNT_NAME);
//bundle.getString(AccountManager.KEY_ACCOUNT_TYPE);
authToken = bundle.getString(AccountManager.KEY_AUTHTOKEN);
} catch (Exception e) {
System.out.println("getAuthTokenByFeatures() cancelled or failed:");
e.printStackTrace();
authToken = "failure";
}
if(!authToken.equals("failure")) {
googleTask = new GetProfileDataTask();
googleTask.execute(authToken);
}
}
}, null);
}
}
The AsyncTask that gets the data:
public class GetProfileDataTask extends AsyncTask<String, Void, String> {
@Override
protected String doInBackground(String... tokens) {
RestTemplate restTemplate = new RestTemplate(false);
restTemplate.getMessageConverters().add(new StringHttpMessageConverter());
String json = null;
try {
//the response is of type "application/json"
json = restTemplate.getForObject(
"https://www.googleapis.com/oauth2/v1/userinfo" +
"?access_token={token}" +
"&access_token_type=bearer",
String.class,
tokens[0]); //this is the authToken from before, obv
} catch(RestClientException er) {
Log.e("GetProfileDataTask", er.toString(), er);
json = null;
}
return json;
}
@Override
protected void onPostExecute(String asyncResult) {
if(asyncResult != null)
//do something with your data, for example deserialize it
else
//do something else
}
}
The received json is like this:
{
"family_name": "Smith",
"name": "John Smith",
"picture": "https://lh3.googleusercontent.com/-randomlettersandnumbers/AAAAAAAAAAI/AAAAAAAAAAA/morerandomlettersandnumbers/photo.jpg",
"locale": "it",
"gender": "male",
"email": "youremail@whatever.itis",
"link": "https://plus.google.com/133780085840848123456",
"given_name": "John",
"id": "133780085840848123456",
"verified_email": true
}
nonzaprej
- 1,322
- 2
- 21
- 30
1
Since you want to allow user sign in your app via their Google accounts, you can use OpenID, and Google supports it.
Note: If you provide a “sign-in with Google” feature, we recommend using Google+ Sign-In.
If you just want get usr's info in Google on behalf of users, you can just use Oauth2. Refer to Google'a official documents, I think they are detailed, authoritative and easy to get along.
As this doc says:
5.Obtain user information from the ID token
An ID token is a cryptographically signed JSON object encoded in base 64. Normally, it is critical that you validate an ID token before you use it, but since you are communicating directly with Google over an intermediary-free HTTPS channel and using your client secret to authenticate yourself to Google, you can be confident that the token you receive really comes from Google and is valid.
So in a word, read these docs carefully and you'll get be clear about how to accomplish your app.
-
Yes, I've already read most of those docs, and I just found some useful ones: [one](https://developers.google.com/+/api/latest/people), [two](https://developers.google.com/+/mobile/android/sign-in). I feel that I'm near to the solution of this. Basically now this question is for myself, and I'll post the answer with the code when I'll succeed. – nonzaprej May 19 '14 at 15:20