4

The app I'm writing is connecting to a XMPP server, and if the user chooses, I want to give them the option to connect to their google chat account, without having to enter the credentials...

To do this, I'd get the permission to use the google account, get the token and authenticate to google talk (XMPP server, using Smack) using the token..

The problem is.. how do I do that? I mean, how do I authenticate to the GTalk server if I know the login and the token?

Any ideas, insights? :)
If not, maybe anyone knows where could I find someone that knows? (Google contacts, anyone? :P )

inazaruk
  • 74,247
  • 24
  • 188
  • 156
Artiom Chilaru
  • 11,811
  • 4
  • 41
  • 52

1 Answers1

8

You're looking for documentation on the X-GOOGLE-TOKEN SASL mechanism. This should be the beginning. Use service=mail:

https://www.google.com/accounts/ClientLogin?
    accountType=GOOGLE&
    Email=YOURUSERNAME@gmail.com&
    Passwd=YOURPASSWORD&
    service=mail

Which will return 200 OK and three values:

SID=<long string>
LSID=<long string>
Auth=<long string>

Parse out the Auth string, then construct a string with this form:

jidAndToken ="\0" + UTF8(YOURUSERNAME@gmail.com) + "\0" + Auth

(where "\0" is intended to be a single octet with value zero). Use this in the initial SASL auth:

<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' 
      mechanism='X-GOOGLE-TOKEN'>Base64(jidAndToken)</auth>
Joe Hildebrand
  • 10,354
  • 2
  • 38
  • 48
  • Considering that I'm coding on android, I think I should be able to get the auth token using the android SDK (otherwise it makes no sense - this first request need the pass :P ) I'll check the second part today, and if it works as I need - this will be perfect ^_^ – Artiom Chilaru Jun 02 '11 at 09:05
  • This was perfectly spot on! Exactly what I needed! Thanks a lot :) – Artiom Chilaru Jun 02 '11 at 22:15
  • One question: Is there any way to make it work with service type "talk" rather than "mail"? It seems like "talk" would be more appropriate, but it doesn't seem to allow me to log in – Artiom Chilaru Jun 04 '11 at 14:54
  • That's just what GoogleTalk requires. Think of "mail" as an opaque string that just has to be the four octets 0x6d, 0x61, 0x69, 0x6c. – Joe Hildebrand Jun 05 '11 at 19:06
  • lol, dammit.. Still, seems weird, considering that if I use "talk" it actually displays "Google Talk".. so the service is resolved, but doesn't allow permissions =/ Anyway, thanks.. it works, and I'm happy ) – Artiom Chilaru Jun 06 '11 at 17:13
  • @artiom-chilaru I'm trying to use this as well, but there's something I don't get: you still need to ask for a username and password when getting the token right? that's not really Oauth 2.0 is it? is there a way to log in to the chat using the oauth token and token secret? thanks – Guillaume Sep 12 '11 at 17:42
  • I don't think that Google is claiming that this is OAuth in any way. – Joe Hildebrand Sep 13 '11 at 15:19
  • @Guillaume No-no, you don't need to ask the user for their password in your android app. You have to use the AccountManager to get the token (same token you'd get from the GET request in Joe's answer), and you use it to build the jidAndToken value, that you'll pass to the SASL Mechanism. Drop me a message if you need more details :) – Artiom Chilaru Sep 14 '11 at 16:51
  • @artiom-chilaru no easy to find your email anywhere! I actually thought you were using Oauth, but this is just the old Auth Client or whatever from Google, which is not what I'm looking for. Facebook works well with Oauth, but couldn't find anybody using Oauth with Google Talk. Would you mind showing me how you connect with this jidAndToken and smack? my email is guillaume.royer@coosmic.com. Thx – Guillaume Sep 14 '11 at 17:36