[aerogear-dev] [Android] KeyCloak Authenticator

Wed Nov 26 11:24:36 EST 2014

On Mon, Sep 15, 2014 at 5:28 PM, Bruno Oliveira <bruno at abstractj.org> wrote:

> Amazing Summers! Please turn this list of thing into Jiras if possible.

late reply :-)

+1 I really like that - let's make sure we track that with JIRA - this _IS_
A really cool feature and does add a lot of value for our OAuth/KC bits!

-Matthias

> —
> abstractj
> PGP: 0x84DC9914
>
>
> On Mon, Sep 15, 2014 at 11:36 AM, Summers Pittman <supittma at redhat.com>
> wrote:
>
>> <tldr>DEVELOPERS WILL NEVER HAVE TO WRITE ANOTHER LINE OF AUTH LOGIC
>> AGAIN!</tldr>
>>
>> Over the weekend I tried my hand at writing a Android Account
>> Authenticator for KeyCloak. This lets Android manage the KeyCloak
>> account, fetch tokens, provide tokens to other apps etc. KeyCloak
>> Authenticator let's you drop your keycloak.json file into an apk and
>> access your KeyCloak Account with one line of code from any application
>> on your Android device.
>>
>> Right now this is very much in the "I have an itch needing scratching"
>> phase. It doesn't do any robust error handling, hasn't been testing off
>> the golden scenario, has no integration with any of the AeroGear stuff,
>> etc. Take a moment to watch the Demo and look at the demo project.
>>
>> Video Demo :
>> https://plus.google.com/103442292643366117394/posts/WSFbdodMsej
>>
>> The Demo video uses Android's native account menu to request from the
>> authenticator a KeyCloak account. This launches the authenticator's
>> activity which will retrieve the credentials for Android and store
>> them. When I am back in the settings page and showing off the stored
>> account, this is all native Android UI and not part of the KeyCloak
>> authenticator.
>>
>> When I launch the Demo application this is a separate application from
>> the authenticator apk. The Demo project fetches the KeyCloak account
>> from Android and gets its auth token. Then it makes a request to
>> KeyCloak's account service to fetch the user's account data.
>>
>> In the demo app there are three lines of code related to auth.
>>
>> final Account account = am.getAccountsByType("org.keycloak.Account")[0];
>> String token = am.getAuthToken(account, "org.keycloak.Account.token",
>> null, null, null,
>> null).getResult().getString(AccountManager.KEY_AUTHTOKEN);
>>
>> and
>>
>> provider.setDefaultHeader("Authorization", "bearer " + token);
>>
>> The first two lines fetch the account and token from Android. The
>> second line attaches the account's auth token to the web request to the
>> server.
>>
>> So now what? I'll probably use this for my projects/demos because it
>> makes my work easier. Right now it doesn't have any connection to any
>> of the "official" projects (Again, I wrote this over the weekend to see
>> if I could) however it may be quite useful to someone. In the project's
>> README I've included a (incomplete) list of things that don't work.
>>
>> wdyt?
>>
>> Links :
>> Project : https://github.com/secondsun/keycloak-android-authenticator
>> Video Demo :
>> https://plus.google.com/103442292643366117394/posts/WSFbdodMsej
>> Demo Source :
>> https://github.com/secondsun/keycloak-account-authenticator-demo/
>>
>>
>> --
>> Summers Pittman
>> >>Phone:404 941 4698
>> >>Java is my crack.
>>
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>

-- 
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20141126/2afb66d9/attachment.html 