<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body>
    <div class="moz-cite-prefix">On 11/26/2014 11:24 AM, Matthias
      Wessendorf wrote:<br>
    </div>
    <blockquote
cite="mid:CAAg5f2QEuxppYkvy3BYd15J6qwifQWCL5nFy-RpaPSF-tV1b1w@mail.gmail.com"
      type="cite">
      <div dir="ltr"><br>
        <div class="gmail_extra"><br>
          <div class="gmail_quote">On Mon, Sep 15, 2014 at 5:28 PM,
            Bruno Oliveira <span dir="ltr">&lt;<a
                moz-do-not-send="true" href="mailto:bruno@abstractj.org"
                target="_blank">bruno@abstractj.org</a>&gt;</span>
            wrote:<br>
            <blockquote class="gmail_quote" style="margin:0 0 0
              .8ex;border-left:1px #ccc solid;padding-left:1ex">
              <span>Amazing Summers! Please turn this list of thing into
                Jiras if possible.</span></blockquote>
            <div><br>
            </div>
            <div>late reply :-)</div>
            <div><br>
            </div>
            <div><br>
            </div>
            <div>+1 I really like that - let's make sure we track that
              with JIRA - this _IS_ A really cool feature and does add a
              lot of value for our OAuth/KC bits!</div>
          </div>
        </div>
      </div>
    </blockquote>
    Sure thing, I'll work with passos and abstractj to make something
    coherent.<br>
    <blockquote
cite="mid:CAAg5f2QEuxppYkvy3BYd15J6qwifQWCL5nFy-RpaPSF-tV1b1w@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div class="gmail_extra">
          <div class="gmail_quote">
            <div><br>
            </div>
            <div>-Matthias</div>
            <div> </div>
            <blockquote class="gmail_quote" style="margin:0 0 0
              .8ex;border-left:1px #ccc solid;padding-left:1ex">
              <div>—<br>
                abstractj <br>
                PGP: 0x84DC9914 </div>
              <div class="HOEnZb">
                <div class="h5">
                  <br>
                  <br>
                  <div class="gmail_quote">
                    <p>On Mon, Sep 15, 2014 at 11:36 AM, Summers Pittman
                      <span dir="ltr">&lt;<a moz-do-not-send="true"
                          href="mailto:supittma@redhat.com"
                          target="_blank">supittma@redhat.com</a>&gt;</span>
                      wrote:<br>
                    </p>
                    <blockquote class="gmail_quote" style="margin:0 0 0
                      .8ex;border-left:1px #ccc solid;padding-left:1ex">
                      <p>&lt;tldr&gt;DEVELOPERS WILL NEVER HAVE TO WRITE
                        ANOTHER LINE OF AUTH LOGIC <br>
                        AGAIN!&lt;/tldr&gt;
                        <br>
                        <br>
                        Over the weekend I tried my hand at writing a
                        Android Account <br>
                        Authenticator for KeyCloak. This lets Android
                        manage the KeyCloak <br>
                        account, fetch tokens, provide tokens to other
                        apps etc. KeyCloak <br>
                        Authenticator let's you drop your keycloak.json
                        file into an apk and <br>
                        access your KeyCloak Account with one line of
                        code from any application <br>
                        on your Android device.
                        <br>
                        <br>
                        Right now this is very much in the "I have an
                        itch needing scratching" <br>
                        phase. It doesn't do any robust error handling,
                        hasn't been testing off <br>
                        the golden scenario, has no integration with any
                        of the AeroGear stuff, <br>
                        etc. Take a moment to watch the Demo and look at
                        the demo project.
                        <br>
                        <br>
                        Video Demo : <br>
                        <a moz-do-not-send="true"
                          href="https://plus.google.com/103442292643366117394/posts/WSFbdodMsej"
                          target="_blank">https://plus.google.com/103442292643366117394/posts/WSFbdodMsej</a>
                        <br>
                        <br>
                        The Demo video uses Android's native account
                        menu to request from the <br>
                        authenticator a KeyCloak account. This launches
                        the authenticator's <br>
                        activity which will retrieve the credentials for
                        Android and store <br>
                        them. When I am back in the settings page and
                        showing off the stored <br>
                        account, this is all native Android UI and not
                        part of the KeyCloak <br>
                        authenticator.
                        <br>
                        <br>
                        When I launch the Demo application this is a
                        separate application from <br>
                        the authenticator apk. The Demo project fetches
                        the KeyCloak account <br>
                        from Android and gets its auth token. Then it
                        makes a request to <br>
                        KeyCloak's account service to fetch the user's
                        account data.
                        <br>
                        <br>
                        In the demo app there are three lines of code
                        related to auth.
                        <br>
                        <br>
                        final Account account =
                        am.getAccountsByType("org.keycloak.Account")[0];
                        <br>
                        String token = am.getAuthToken(account,
                        "org.keycloak.Account.token", <br>
                        null, null, null,
                        null).getResult().getString(AccountManager.KEY_AUTHTOKEN);
                        <br>
                        <br>
                        and
                        <br>
                        <br>
                        provider.setDefaultHeader("Authorization",
                        "bearer " + token);
                        <br>
                        <br>
                        The first two lines fetch the account and token
                        from Android. The <br>
                        second line attaches the account's auth token to
                        the web request to the <br>
                        server.
                        <br>
                        <br>
                        So now what? I'll probably use this for my
                        projects/demos because it <br>
                        makes my work easier. Right now it doesn't have
                        any connection to any <br>
                        of the "official" projects (Again, I wrote this
                        over the weekend to see <br>
                        if I could) however it may be quite useful to
                        someone. In the project's <br>
                        README I've included a (incomplete) list of
                        things that don't work.
                        <br>
                        <br>
                        wdyt?
                        <br>
                        <br>
                        Links :
                        <br>
                        Project : <a moz-do-not-send="true"
                          href="https://github.com/secondsun/keycloak-android-authenticator"
                          target="_blank">https://github.com/secondsun/keycloak-android-authenticator</a>
                        <br>
                        Video Demo : <br>
                        <a moz-do-not-send="true"
                          href="https://plus.google.com/103442292643366117394/posts/WSFbdodMsej"
                          target="_blank">https://plus.google.com/103442292643366117394/posts/WSFbdodMsej</a>
                        <br>
                        Demo Source : <br>
                        <a moz-do-not-send="true"
                          href="https://github.com/secondsun/keycloak-account-authenticator-demo/"
                          target="_blank">https://github.com/secondsun/keycloak-account-authenticator-demo/</a>
                        <br>
                        <br>
                        <br>
                        -- <br>
                        Summers Pittman
                        <br>
                        &gt;&gt;Phone:404 941 4698
                        <br>
                        &gt;&gt;Java is my crack.
                        <br>
                        <br>
                        _______________________________________________
                        <br>
                        aerogear-dev mailing list
                        <br>
                        <a moz-do-not-send="true"
                          href="mailto:aerogear-dev@lists.jboss.org"
                          target="_blank">aerogear-dev@lists.jboss.org</a>
                        <br>
                        <a moz-do-not-send="true"
                          href="https://lists.jboss.org/mailman/listinfo/aerogear-dev"
                          target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a>
                        <br>
                      </p>
                    </blockquote>
                  </div>
                  <br>
                </div>
              </div>
              <br>
              _______________________________________________<br>
              aerogear-dev mailing list<br>
              <a moz-do-not-send="true"
                href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
              <a moz-do-not-send="true"
                href="https://lists.jboss.org/mailman/listinfo/aerogear-dev"
                target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
            </blockquote>
          </div>
          <br>
          <br clear="all">
          <div><br>
          </div>
          -- <br>
          <div class="gmail_signature">Matthias Wessendorf <br>
            <br>
            blog: <a moz-do-not-send="true"
              href="http://matthiaswessendorf.wordpress.com/"
              target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>
            sessions: <a moz-do-not-send="true"
              href="http://www.slideshare.net/mwessendorf"
              target="_blank">http://www.slideshare.net/mwessendorf</a><br>
            twitter: <a moz-do-not-send="true"
              href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a></div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
aerogear-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/aerogear-dev">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></pre>
    </blockquote>
    <br>
    <br>
    <pre class="moz-signature" cols="72">-- 
Summers Pittman
&gt;&gt;Phone:404 941 4698
&gt;&gt;Java is my crack.
</pre>
  </body>
</html>