[aerogear-dev] [Android] KeyCloak Authenticator
Summers Pittman
supittma at redhat.com
Mon Sep 15 12:10:57 EDT 2014
On 09/15/2014 11:28 AM, Bruno Oliveira wrote:
> Amazing Summers! Please turn this list of thing into Jiras if possible.
Probably will. I need to figure out what this even belongs to
(AeroGear, KeyCloak etc) and then get it hosted there.
I suppose a cage match between bburke and matzew is in order ;)
> ---
> abstractj
> PGP: 0x84DC9914
>
>
> On Mon, Sep 15, 2014 at 11:36 AM, Summers Pittman <supittma at redhat.com
> <mailto:supittma at redhat.com>> wrote:
>
> <tldr>DEVELOPERS WILL NEVER HAVE TO WRITE ANOTHER LINE OF AUTH LOGIC
> AGAIN!</tldr>
>
> Over the weekend I tried my hand at writing a Android Account
> Authenticator for KeyCloak. This lets Android manage the KeyCloak
> account, fetch tokens, provide tokens to other apps etc. KeyCloak
> Authenticator let's you drop your keycloak.json file into an apk and
> access your KeyCloak Account with one line of code from any
> application
> on your Android device.
>
> Right now this is very much in the "I have an itch needing
> scratching"
> phase. It doesn't do any robust error handling, hasn't been
> testing off
> the golden scenario, has no integration with any of the AeroGear
> stuff,
> etc. Take a moment to watch the Demo and look at the demo project.
>
> Video Demo :
> https://plus.google.com/103442292643366117394/posts/WSFbdodMsej
>
> The Demo video uses Android's native account menu to request from the
> authenticator a KeyCloak account. This launches the authenticator's
> activity which will retrieve the credentials for Android and store
> them. When I am back in the settings page and showing off the stored
> account, this is all native Android UI and not part of the KeyCloak
> authenticator.
>
> When I launch the Demo application this is a separate application
> from
> the authenticator apk. The Demo project fetches the KeyCloak account
> from Android and gets its auth token. Then it makes a request to
> KeyCloak's account service to fetch the user's account data.
>
> In the demo app there are three lines of code related to auth.
>
> final Account account =
> am.getAccountsByType("org.keycloak.Account")[0];
> String token = am.getAuthToken(account, "org.keycloak.Account.token",
> null, null, null,
> null).getResult().getString(AccountManager.KEY_AUTHTOKEN);
>
> and
>
> provider.setDefaultHeader("Authorization", "bearer " + token);
>
> The first two lines fetch the account and token from Android. The
> second line attaches the account's auth token to the web request
> to the
> server.
>
> So now what? I'll probably use this for my projects/demos because it
> makes my work easier. Right now it doesn't have any connection to any
> of the "official" projects (Again, I wrote this over the weekend
> to see
> if I could) however it may be quite useful to someone. In the
> project's
> README I've included a (incomplete) list of things that don't work.
>
> wdyt?
>
> Links :
> Project : https://github.com/secondsun/keycloak-android-authenticator
> Video Demo :
> https://plus.google.com/103442292643366117394/posts/WSFbdodMsej
> Demo Source :
> https://github.com/secondsun/keycloak-account-authenticator-demo/
>
>
> --
> Summers Pittman
> >>Phone:404 941 4698
> >>Java is my crack.
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
>
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Summers Pittman
>>Phone:404 941 4698
>>Java is my crack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20140915/153fe673/attachment.html
More information about the aerogear-dev
mailing list