[aerogear-dev] [Android] KeyCloak Authenticator

Bruno Oliveira bruno at abstractj.org
Mon Sep 15 11:28:10 EDT 2014


Amazing Summers! Please turn this list of thing into Jiras if possible.—
abstractj 
PGP: 0x84DC9914

On Mon, Sep 15, 2014 at 11:36 AM, Summers Pittman <supittma at redhat.com>
wrote:

> <tldr>DEVELOPERS WILL NEVER HAVE TO WRITE ANOTHER LINE OF AUTH LOGIC 
> AGAIN!</tldr>
> Over the weekend I tried my hand at writing a Android Account 
> Authenticator for KeyCloak.  This lets Android manage the KeyCloak 
> account, fetch tokens, provide tokens to other apps etc.  KeyCloak 
> Authenticator let's you drop your keycloak.json file into an apk and 
> access your KeyCloak Account with one line of code from any application 
> on your Android device.
> Right now this is very much in the "I have an itch needing scratching" 
> phase.  It doesn't do any robust error handling, hasn't been testing off 
> the golden scenario, has no integration with any of the AeroGear stuff, 
> etc.  Take a moment to watch the Demo and look at the demo project.
>   Video Demo : 
> https://plus.google.com/103442292643366117394/posts/WSFbdodMsej
> The Demo video uses Android's native account menu to request from the 
> authenticator a KeyCloak account.  This launches the authenticator's 
> activity which will retrieve the credentials for Android and store 
> them.  When I am back in the settings page and showing off the stored 
> account, this is all native Android UI and not part of the KeyCloak 
> authenticator.
> When I launch the Demo application this is a separate application from 
> the authenticator apk.  The Demo project fetches the KeyCloak account 
> from Android and gets its auth token.  Then it makes a request to 
> KeyCloak's account service to fetch the user's account data.
> In the demo app there are three lines of code related to auth.
>    final Account account = am.getAccountsByType("org.keycloak.Account")[0];
>    String token = am.getAuthToken(account, "org.keycloak.Account.token", 
> null, null, null, null).getResult().getString(AccountManager.KEY_AUTHTOKEN);
> and
> provider.setDefaultHeader("Authorization", "bearer " + token);
> The first two lines fetch the account and token from Android.  The 
> second line attaches the account's auth token to the web request to the 
> server.
> So now what?  I'll probably use this for my projects/demos because it 
> makes my work easier.  Right now it doesn't have any connection to any 
> of the "official" projects (Again, I wrote this over the weekend to see 
> if I could) however it may be quite useful to someone.  In the project's 
> README I've included a (incomplete) list of things that don't work.
> wdyt?
> Links :
>   Project : https://github.com/secondsun/keycloak-android-authenticator
>   Video Demo : 
> https://plus.google.com/103442292643366117394/posts/WSFbdodMsej
>   Demo Source : 
> https://github.com/secondsun/keycloak-account-authenticator-demo/
> -- 
> Summers Pittman
>>>Phone:404 941 4698
>>>Java is my crack.
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20140915/2f99ff83/attachment-0001.html 


More information about the aerogear-dev mailing list