[aerogear-dev] Cordova Ouath2 plugin using Google Play Services

Brian Leathem bleathem at gmail.com
Wed Feb 25 19:35:18 EST 2015


Hello all,

So I've gotten pretty close in my implementation, but I've got one blocker:

The account selection and Oath2 token request are initiated using an
intent.  The result is then retrieved by implementing the
#onActivityResult method of the initial activity.  The problem I'm
facing is the original activity exists in the user's application. 
Nesting activities isn't a solution, as I still don't have access to the
top-level activity.

Implementing this purely as a cordova plugin is trivial, as I can just
@Override the #onActivityResult of the CordovaPlugin class.

Do any Android experts have a recommendation on how I can implement this
as a generic Android library in android-authz?

Alternatively if we implement this directly in the oauth2-codova plugin
I have everything we need already complete.

Brian

On 2015-02-25 10:44 AM, Daniel Passos wrote:
>
> Hey Brian,
>
> You can. but not necessarily need do that.. You can create your own
> workflow.
>
> Just implement your own:
>
>  *
>
>     OAuth2AuthroizationConfigurationProvider
>
>  *
>
>     AuthorizationConfiguration
>
>   * AuthzModule.java
>
> And let the |AuthorizationManager| know[1] your new Authz
>
> |AuthorizationManager.registerConfigurationProvider(YourNewAuthorizationConfiguration, new YourNewOAuth2AuthroizationConfigurationProvider)
> |
>
> [1]
> https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-android-authz/src/main/java/org/jboss/aerogear/android/authorization/AuthorizationManager.java#L37-L41
>
> -- Passos
>
>
>>
> On Wed, Feb 25, 2015 at 3:30 PM, Brian Leathem <bleathem at gmail.com
> <mailto:bleathem at gmail.com>> wrote:
>
>     ... and the devil is in the details.
>
>     It seems as though all the current AuzthzModules use an http based
>     approach to requesting an Oauth2 token.  I see this being done in
>     OAuth2WebFragmentFetchAutorization#doAuthorization method, where
>     an OAuthWebViewDialog is used to trigger the Oauth2 token request.
>
>     To use Google Play services to trigger an Oauth2 token request, we
>     won't use an http approach, but rather we start an activity to
>     select an account and request an Oauth2 token.  Once the token is
>     retrieved it can then be used with the standard http Oauth2 API.
>
>     (One caveat: the google play services token response doesn't
>     provide a refresh token.  I believe this to be a non-issue as the
>     token request process is trivial when using google play services
>     (no authentication step)).
>
>     I see to ways to implement this feature:
>
>     1) Generalize the OAuth2WebFragmentFetchAutorization into an
>     interface, and have one implementation to handle http-based token
>     requests, and second implementation to handle intent-based token
>     requests.
>
>     2) Add a OAuth2AuthorizationConfiguration option to use intents
>     instead of http, and trigger a different workflow within the
>     OAuth2WebFragmentFetchAutorization#doAuthorization method if that
>     config is set.
>
>     My preference is for 2) because it's a) simpler, and b) it is
>     really only during the #doAuthorization method that we have a
>     different approach.
>
>     Thoughts?  I'll start with implementing approach (2) unless I hear
>     otherwise.
>
>     Brian
>
>
>     On 2015-02-24 07:25 PM, Matthias Wessendorf wrote:
>>
>>
>>     On Wednesday, February 25, 2015, Daniel Passos <daniel at passos.me
>>     <mailto:daniel at passos.me>> wrote:
>>
>>         No, we are not using Google Play services API for now for
>>         OAuth2 in Android land. 
>>
>>         But feel free create a new AuthzModule[1] for it ;)
>>
>>
>>     +1
>>      
>>
>>
>>         [1] https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-android-authz/src/main/java/org/jboss/aerogear/android/authorization/AuthzModule.java
>>
>>         -- Passos
>>
>>
>>         On Tue, Feb 24, 2015 at 4:01 PM, Sebastien Blanc
>>         <scm.blanc at gmail.com> wrote:
>>
>>             Cool stuff Brian ! 
>>             The AeroGear OAuth2 Cordova plugin relies on the Native
>>             AeroGear OAuth2  Libraries, so maybe Summers and/or
>>             Daniel could tell  more about it. 
>>             Sebi
>>              
>>
>>             On Tue, Feb 24, 2015 at 7:46 PM, Brian Leathem
>>             <bleathem at gmail.com> wrote:
>>
>>                 Hey gear-heads,
>>
>>                 I recently wrote a Cordova plugin that retrieves a
>>                 Oauth2 token on
>>                 Android using Google Play Services.  The advantage of
>>                 this approach is
>>                 it leverages the single-sign-on capabilities of
>>                 android, and the app can
>>                 retrieve the Oauth2 token without requiring
>>                 Authentication from the
>>                 user. I blogged about it here:
>>
>>                 http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html
>>
>>                 Using a promise-based API it's fairly trivial to
>>                 fallback to a
>>                 traditional Web authentication/authorisation for the
>>                 Oauth2 token when
>>                 the google-play-services approach isn't supported.
>>
>>                 I'm aware the aerogear team has a Oauth2 cordova
>>                 plugin [1], but it's
>>                 not clear to me if the google-play-services
>>                 integration is supported.
>>                 If the Aerogeam would find it useful, I'd be more
>>                 than happy to provide
>>                 a PR to the aerogear cordova plugin providing such
>>                 integration.
>>
>>                 Thoughts?
>>                 Brian
>>
>>                 [1]
>>                 http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth2.html
>>                 _______________________________________________
>>                 aerogear-dev mailing list
>>                 aerogear-dev at lists.jboss.org
>>                 https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>>
>>
>>             _______________________________________________
>>             aerogear-dev mailing list
>>             aerogear-dev at lists.jboss.org
>>             https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>>
>>
>>
>>     -- 
>>     Sent from Gmail Mobile
>>
>>
>>     _______________________________________________
>>     aerogear-dev mailing list
>>     aerogear-dev at lists.jboss.org <mailto:aerogear-dev at lists.jboss.org>
>>     https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
>     _______________________________________________
>     aerogear-dev mailing list
>     aerogear-dev at lists.jboss.org <mailto:aerogear-dev at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
>
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20150225/1372d01d/attachment.html 


More information about the aerogear-dev mailing list