<div dir="ltr"><div class="" style><p style="margin:1.2em 0px!important">Hey Brian,</p>
<p style="margin:1.2em 0px!important">You can. but not necessarily need do that.. You can create your own workflow.</p>
<p style="margin:1.2em 0px!important">Just implement your own:</p>
<ul style="margin:1.2em 0px;padding-left:2em">
<li style="margin:0.5em 0px"><p style="margin:0.5em 0px!important">OAuth2AuthroizationConfigurationProvider</p>
</li>
<li style="margin:0.5em 0px"><p style="margin:0.5em 0px!important">AuthorizationConfiguration</p>
</li>
<li style="margin:0.5em 0px">AuthzModule.java</li>
</ul>
<p style="margin:1.2em 0px!important">And let the <code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:pre-wrap;border:1px solid rgb(234,234,234);border-radius:3px;display:inline;background-color:rgb(248,248,248)">AuthorizationManager</code> know[1] your new Authz</p>
<pre style="font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em;line-height:1.2em;margin:1.2em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;white-space:pre;overflow:auto;border-radius:3px;border:1px solid rgb(204,204,204);padding:0.5em;color:rgb(51,51,51);display:block!important;background:rgb(248,248,255)">AuthorizationManager.registerConfigurationProvider(YourNewAuthorizationConfiguration, new YourNewOAuth2AuthroizationConfigurationProvider)
</code></pre><p style="margin:1.2em 0px!important">[1] <a href="https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-android-authz/src/main/java/org/jboss/aerogear/android/authorization/AuthorizationManager.java#L37-L41">https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-android-authz/src/main/java/org/jboss/aerogear/android/authorization/AuthorizationManager.java#L37-L41</a></p><p style="margin:1.2em 0px!important">-- Passos</p>
<div title="MDH:PGRpdj5IZXkmbmJzcDtCcmlhbiw8L2Rpdj48ZGl2Pjxicj48L2Rpdj5Zb3UgY2FuLiBidXQgbm90
IG5lZWQgbmVjZXNzYXJpbHkgZG8gdGhhdC4uIFlvdSBjYW4gY3JlYXRlIHlvdXIgb3duIHdvcmtm
bG93LjxkaXY+PGJyPjwvZGl2PjxkaXY+SnVzdCBpbXBsZW1lbnQgeW91ciBvd246PC9kaXY+PGRp
dj48YnI+PC9kaXY+PGRpdj4qJm5ic3A7T0F1dGgyQXV0aHJvaXphdGlvbkNvbmZpZ3VyYXRpb25Q
cm92aWRlcjxicj48L2Rpdj48ZGl2PiombmJzcDtBdXRob3JpemF0aW9uQ29uZmlndXJhdGlvbjwv
ZGl2PjxkaXY+KiZuYnNwO0F1dGh6TW9kdWxlLmphdmE8L2Rpdj48ZGl2Pjxicj48L2Rpdj48ZGl2
PkFuZCBsZXQgdGhlIGBBdXRob3JpemF0aW9uTWFuYWdlcmAga25vd1sxXSB5b3VyIG5ldyBBdXRo
ejwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+YGBgPC9kaXY+PGRpdj5BdXRob3JpemF0aW9uTWFu
YWdlci5yZWdpc3RlckNvbmZpZ3VyYXRpb25Qcm92aWRlcihZb3VyTmV3QXV0aG9yaXphdGlvbkNv
bmZpZ3VyYXRpb24sIG5ldyBZb3VyTmV3T0F1dGgyQXV0aHJvaXphdGlvbkNvbmZpZ3VyYXRpb25Q
cm92aWRlcik8L2Rpdj48ZGl2PmBgYDwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+WzFdJm5ic3A7
aHR0cHM6Ly9naXRodWIuY29tL2Flcm9nZWFyL2Flcm9nZWFyLWFuZHJvaWQtYXV0aHovYmxvYi9t
YXN0ZXIvYWVyb2dlYXItYW5kcm9pZC1hdXRoei9zcmMvbWFpbi9qYXZhL29yZy9qYm9zcy9hZXJv
Z2Vhci9hbmRyb2lkL2F1dGhvcml6YXRpb24vQXV0aG9yaXphdGlvbk1hbmFnZXIuamF2YSNMMzct
TDQxPC9kaXY+PGRpdj48YnI+PC9kaXY+" style="height:0px;width:0px;max-height:0px;max-width:0px;overflow:hidden;font-size:0em;padding:0px;margin:0px"><br></div><div title="MDH:PGRpdj5IZXkmbmJzcDtCcmlhbiw8L2Rpdj48ZGl2Pjxicj48L2Rpdj5Zb3UgY2FuLiBidXQgbm90
IG5lZWQgbmVjZXNzYXJpbHkgZG8gdGhhdC4uIFlvdSBjYW4gY3JlYXRlIHlvdXIgb3duIHdvcmtm
bG93LjxkaXY+PGJyPjwvZGl2PjxkaXY+SnVzdCBpbXBsZW1lbnQgeW91ciBvd246PC9kaXY+PGRp
dj48YnI+PC9kaXY+PGRpdj4qJm5ic3A7T0F1dGgyQXV0aHJvaXphdGlvbkNvbmZpZ3VyYXRpb25Q
cm92aWRlcjxicj48L2Rpdj48ZGl2PiombmJzcDtBdXRob3JpemF0aW9uQ29uZmlndXJhdGlvbjwv
ZGl2PjxkaXY+KiZuYnNwO0F1dGh6TW9kdWxlLmphdmE8L2Rpdj48ZGl2Pjxicj48L2Rpdj48ZGl2
PkFuZCBsZXQgdGhlIGBBdXRob3JpemF0aW9uTWFuYWdlcmAga25vd1sxXSB5b3VyIG5ldyBBdXRo
ejwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+YGBgPC9kaXY+PGRpdj5BdXRob3JpemF0aW9uTWFu
YWdlci5yZWdpc3RlckNvbmZpZ3VyYXRpb25Qcm92aWRlcihZb3VyTmV3QXV0aG9yaXphdGlvbkNv
bmZpZ3VyYXRpb24sIG5ldyBZb3VyTmV3T0F1dGgyQXV0aHJvaXphdGlvbkNvbmZpZ3VyYXRpb25Q
cm92aWRlcik8L2Rpdj48ZGl2PmBgYDwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+WzFdJm5ic3A7
aHR0cHM6Ly9naXRodWIuY29tL2Flcm9nZWFyL2Flcm9nZWFyLWFuZHJvaWQtYXV0aHovYmxvYi9t
YXN0ZXIvYWVyb2dlYXItYW5kcm9pZC1hdXRoei9zcmMvbWFpbi9qYXZhL29yZy9qYm9zcy9hZXJv
Z2Vhci9hbmRyb2lkL2F1dGhvcml6YXRpb24vQXV0aG9yaXphdGlvbk1hbmFnZXIuamF2YSNMMzct
TDQxPC9kaXY+PGRpdj48YnI+PC9kaXY+" style="height:0px;width:0px;max-height:0px;max-width:0px;overflow:hidden;font-size:0em;padding:0px;margin:0px"></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Feb 25, 2015 at 3:30 PM, Brian Leathem <span dir="ltr"><<a href="mailto:bleathem@gmail.com" target="_blank">bleathem@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>... and the devil is in the details.<br>
<br>
It seems as though all the current AuzthzModules use an http based
approach to requesting an Oauth2 token. I see this being done in
OAuth2WebFragmentFetchAutorization#doAuthorization method, where
an OAuthWebViewDialog is used to trigger the Oauth2 token request.<br>
<br>
To use Google Play services to trigger an Oauth2 token request, we
won't use an http approach, but rather we start an activity to
select an account and request an Oauth2 token. Once the token is
retrieved it can then be used with the standard http Oauth2 API.<br>
<br>
(One caveat: the google play services token response doesn't
provide a refresh token. I believe this to be a non-issue as the
token request process is trivial when using google play services
(no authentication step)).<br>
<br>
I see to ways to implement this feature:<br>
<br>
1) Generalize the OAuth2WebFragmentFetchAutorization into an
interface, and have one implementation to handle http-based token
requests, and second implementation to handle intent-based token
requests.<br>
<br>
2) Add a OAuth2AuthorizationConfiguration option to use intents
instead of http, and trigger a different workflow within the
OAuth2WebFragmentFetchAutorization#doAuthorization method if that
config is set.<br>
<br>
My preference is for 2) because it's a) simpler, and b) it is
really only during the #doAuthorization method that we have a
different approach.<br>
<br>
Thoughts? I'll start with implementing approach (2) unless I hear
otherwise.<span class="HOEnZb"><font color="#888888"><br>
<br>
Brian</font></span><div><div class="h5"><br>
<br>
On 2015-02-24 07:25 PM, Matthias Wessendorf wrote:<br>
</div></div></div><div><div class="h5">
<blockquote type="cite"><br>
<br>
On Wednesday, February 25, 2015, Daniel Passos <<a href="mailto:daniel@passos.me" target="_blank">daniel@passos.me</a>>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">No, we are not using Google Play services API for
now for OAuth2 in Android land.
<div><br>
</div>
<div>But feel free create a new AuthzModule[1] for it ;)</div>
</div>
</blockquote>
<div><br>
</div>
<div>+1<span></span></div>
<div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div><br>
</div>
<div>[1] <a href="https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-android-authz/src/main/java/org/jboss/aerogear/android/authorization/AuthzModule.java" target="_blank">https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-android-authz/src/main/java/org/jboss/aerogear/android/authorization/AuthzModule.java</a><br>
<div><br>
</div>
<div>-- Passos</div>
</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Tue, Feb 24, 2015 at 4:01 PM,
Sebastien Blanc <span dir="ltr"><<a>scm.blanc@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Cool stuff Brian !
<div>The AeroGear OAuth2 Cordova plugin relies on the
Native AeroGear OAuth2 Libraries, so maybe Summers
and/or Daniel could tell more about it. </div>
<div>Sebi</div>
<div> </div>
</div>
<div>
<div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Tue, Feb 24, 2015 at
7:46 PM, Brian Leathem <span dir="ltr"><<a>bleathem@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hey gear-heads,<br>
<br>
I recently wrote a Cordova plugin that retrieves
a Oauth2 token on<br>
Android using Google Play Services. The
advantage of this approach is<br>
it leverages the single-sign-on capabilities of
android, and the app can<br>
retrieve the Oauth2 token without requiring
Authentication from the<br>
user. I blogged about it here:<br>
<br>
<a href="http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html" target="_blank">http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html</a><br>
<br>
Using a promise-based API it's fairly trivial to
fallback to a<br>
traditional Web authentication/authorisation for
the Oauth2 token when<br>
the google-play-services approach isn't
supported.<br>
<br>
I'm aware the aerogear team has a Oauth2 cordova
plugin [1], but it's<br>
not clear to me if the google-play-services
integration is supported.<br>
If the Aerogeam would find it useful, I'd be
more than happy to provide<br>
a PR to the aerogear cordova plugin providing
such integration.<br>
<br>
Thoughts?<br>
Brian<br>
<br>
[1]<br>
<a href="http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth2.html" target="_blank">http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth2.html</a><br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a>aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a>aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
<br>
-- <br>
Sent from Gmail Mobile<br>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
aerogear-dev mailing list
<a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></pre>
</blockquote>
<br>
</div></div></div>
<br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br></div>