Cool stuff Brian ! The AeroGear OAuth2 Cordova plugin relies on the Native AeroGear OAuth2 Libraries, so maybe Summers and/or Daniel could tell more about it. Sebi On Tue, Feb 24, 2015 at 7:46 PM, Brian Leathem <bleathem(a)gmail.com&gt; wrote: > Hey gear-heads, > > I recently wrote a Cordova plugin that retrieves a Oauth2 token on > Android using Google Play Services. The advantage of this approach is > it leverages the single-sign-on capabilities of android, and the app can > retrieve the Oauth2 token without requiring Authentication from the > user. I blogged about it here: > > http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html > > Using a promise-based API it's fairly trivial to fallback to a > traditional Web authentication/authorisation for the Oauth2 token when > the google-play-services approach isn't supported. > > I'm aware the aerogear team has a Oauth2 cordova plugin [1], but it's > not clear to me if the google-play-services integration is supported. > If the Aerogeam would find it useful, I'd be more than happy to provide > a PR to the aerogear cordova plugin providing such integration. > > Thoughts? > Brian > > [1] > > http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth... > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/aerogear-dev > _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev

On Wednesday, February 25, 2015, Daniel Passos <daniel(a)passos.me <mailto:daniel@passos.me>> wrote: No, we are not using Google Play services API for now for OAuth2 in Android land. But feel free create a new AuthzModule[1] for it ;) +1 [1] https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... -- Passos On Tue, Feb 24, 2015 at 4:01 PM, Sebastien Blanc <scm.blanc(a)gmail.com <javascript:_e(%7B%7D,'cvml','scm.blanc@gmail.com');>> wrote: Cool stuff Brian ! The AeroGear OAuth2 Cordova plugin relies on the Native AeroGear OAuth2 Libraries, so maybe Summers and/or Daniel could tell more about it. Sebi On Tue, Feb 24, 2015 at 7:46 PM, Brian Leathem <bleathem(a)gmail.com <javascript:_e(%7B%7D,'cvml','bleathem@gmail.com');>> wrote: Hey gear-heads, I recently wrote a Cordova plugin that retrieves a Oauth2 token on Android using Google Play Services. The advantage of this approach is it leverages the single-sign-on capabilities of android, and the app can retrieve the Oauth2 token without requiring Authentication from the user. I blogged about it here: http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html Using a promise-based API it's fairly trivial to fallback to a traditional Web authentication/authorisation for the Oauth2 token when the google-play-services approach isn't supported. I'm aware the aerogear team has a Oauth2 cordova plugin [1], but it's not clear to me if the google-play-services integration is supported. If the Aerogeam would find it useful, I'd be more than happy to provide a PR to the aerogear cordova plugin providing such integration. Thoughts? Brian [1] http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth... _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org <javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');> https://lists.jboss.org/mailman/listinfo/aerogear-dev _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org <javascript:_e(%7B%7D,'cvml','aerogear-dev@lists.jboss.org');> https://lists.jboss.org/mailman/listinfo/aerogear-dev -- Sent from Gmail Mobile _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev

Hey Brian, You can. but not necessarily need do that.. You can create your own workflow. Just implement your own: * OAuth2AuthroizationConfigurationProvider * AuthorizationConfiguration * AuthzModule.java And let the |AuthorizationManager| know[1] your new Authz |AuthorizationManager.registerConfigurationProvider(YourNewAuthorizationConfiguration, new YourNewOAuth2AuthroizationConfigurationProvider) | [1] https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... -- Passos ​ On Wed, Feb 25, 2015 at 3:30 PM, Brian Leathem <bleathem(a)gmail.com <mailto:bleathem@gmail.com>> wrote: ... and the devil is in the details. It seems as though all the current AuzthzModules use an http based approach to requesting an Oauth2 token. I see this being done in OAuth2WebFragmentFetchAutorization#doAuthorization method, where an OAuthWebViewDialog is used to trigger the Oauth2 token request. To use Google Play services to trigger an Oauth2 token request, we won't use an http approach, but rather we start an activity to select an account and request an Oauth2 token. Once the token is retrieved it can then be used with the standard http Oauth2 API. (One caveat: the google play services token response doesn't provide a refresh token. I believe this to be a non-issue as the token request process is trivial when using google play services (no authentication step)). I see to ways to implement this feature: 1) Generalize the OAuth2WebFragmentFetchAutorization into an interface, and have one implementation to handle http-based token requests, and second implementation to handle intent-based token requests. 2) Add a OAuth2AuthorizationConfiguration option to use intents instead of http, and trigger a different workflow within the OAuth2WebFragmentFetchAutorization#doAuthorization method if that config is set. My preference is for 2) because it's a) simpler, and b) it is really only during the #doAuthorization method that we have a different approach. Thoughts? I'll start with implementing approach (2) unless I hear otherwise. Brian On 2015-02-24 07:25 PM, Matthias Wessendorf wrote: > > > On Wednesday, February 25, 2015, Daniel Passos <daniel(a)passos.me > <mailto:daniel@passos.me>> wrote: > > No, we are not using Google Play services API for now for > OAuth2 in Android land. > > But feel free create a new AuthzModule[1] for it ;) > > > +1 > > > > [1] https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... > > -- Passos > > > On Tue, Feb 24, 2015 at 4:01 PM, Sebastien Blanc > <scm.blanc(a)gmail.com&gt; wrote: > > Cool stuff Brian ! > The AeroGear OAuth2 Cordova plugin relies on the Native > AeroGear OAuth2 Libraries, so maybe Summers and/or > Daniel could tell more about it. > Sebi > > > On Tue, Feb 24, 2015 at 7:46 PM, Brian Leathem > <bleathem(a)gmail.com&gt; wrote: > > Hey gear-heads, > > I recently wrote a Cordova plugin that retrieves a > Oauth2 token on > Android using Google Play Services. The advantage of > this approach is > it leverages the single-sign-on capabilities of > android, and the app can > retrieve the Oauth2 token without requiring > Authentication from the > user. I blogged about it here: > > http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html > > Using a promise-based API it's fairly trivial to > fallback to a > traditional Web authentication/authorisation for the > Oauth2 token when > the google-play-services approach isn't supported. > > I'm aware the aerogear team has a Oauth2 cordova > plugin [1], but it's > not clear to me if the google-play-services > integration is supported. > If the Aerogeam would find it useful, I'd be more > than happy to provide > a PR to the aerogear cordova plugin providing such > integration. > > Thoughts? > Brian > > [1] > http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth... > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/aerogear-dev > > > > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/aerogear-dev > > > > > -- > Sent from Gmail Mobile > > > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/aerogear-dev _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/aerogear-dev _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev

On 02/25/2015 01:59 PM, Brian Leathem wrote: > Great, thanks for the insight David, I'll go bark up that tree for a > while. https://issues.jboss.org/browse/AGDROID-319?jql=project%20%3D%20AGDROID%2... This will probably be necessary to implement to get what you want done. > > Brian > > On 2015-02-25 10:44 AM, Daniel Passos wrote: >> >> Hey Brian, >> >> You can. but not necessarily need do that.. You can create your own >> workflow. >> >> Just implement your own: >> >> * >> >> OAuth2AuthroizationConfigurationProvider >> >> * >> >> AuthorizationConfiguration >> >> * AuthzModule.java >> >> And let the |AuthorizationManager| know[1] your new Authz >> >> |AuthorizationManager.registerConfigurationProvider(YourNewAuthorizationConfiguration, new YourNewOAuth2AuthroizationConfigurationProvider) >> | >> >> [1] >> https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... >> >> -- Passos >> >> >> ​ >> >> On Wed, Feb 25, 2015 at 3:30 PM, Brian Leathem <bleathem(a)gmail.com >> <mailto:bleathem@gmail.com>> wrote: >> >> ... and the devil is in the details. >> >> It seems as though all the current AuzthzModules use an http >> based approach to requesting an Oauth2 token. I see this being >> done in OAuth2WebFragmentFetchAutorization#doAuthorization >> method, where an OAuthWebViewDialog is used to trigger the >> Oauth2 token request. >> >> To use Google Play services to trigger an Oauth2 token request, >> we won't use an http approach, but rather we start an activity >> to select an account and request an Oauth2 token. Once the >> token is retrieved it can then be used with the standard http >> Oauth2 API. >> >> (One caveat: the google play services token response doesn't >> provide a refresh token. I believe this to be a non-issue as >> the token request process is trivial when using google play >> services (no authentication step)). >> >> I see to ways to implement this feature: >> >> 1) Generalize the OAuth2WebFragmentFetchAutorization into an >> interface, and have one implementation to handle http-based >> token requests, and second implementation to handle intent-based >> token requests. >> >> 2) Add a OAuth2AuthorizationConfiguration option to use intents >> instead of http, and trigger a different workflow within the >> OAuth2WebFragmentFetchAutorization#doAuthorization method if >> that config is set. >> >> My preference is for 2) because it's a) simpler, and b) it is >> really only during the #doAuthorization method that we have a >> different approach. >> >> Thoughts? I'll start with implementing approach (2) unless I >> hear otherwise. >> >> Brian >> >> >> On 2015-02-24 07:25 PM, Matthias Wessendorf wrote: >>> >>> >>> On Wednesday, February 25, 2015, Daniel Passos >>> <daniel(a)passos.me <mailto:daniel@passos.me>> wrote: >>> >>> No, we are not using Google Play services API for now for >>> OAuth2 in Android land. >>> >>> But feel free create a new AuthzModule[1] for it ;) >>> >>> >>> +1 >>> >>> >>> >>> [1] https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... >>> >>> -- Passos >>> >>> >>> On Tue, Feb 24, 2015 at 4:01 PM, Sebastien Blanc >>> <scm.blanc(a)gmail.com&gt; wrote: >>> >>> Cool stuff Brian ! >>> The AeroGear OAuth2 Cordova plugin relies on the Native >>> AeroGear OAuth2 Libraries, so maybe Summers and/or >>> Daniel could tell more about it. >>> Sebi >>> >>> >>> On Tue, Feb 24, 2015 at 7:46 PM, Brian Leathem >>> <bleathem(a)gmail.com&gt; wrote: >>> >>> Hey gear-heads, >>> >>> I recently wrote a Cordova plugin that retrieves a >>> Oauth2 token on >>> Android using Google Play Services. The advantage >>> of this approach is >>> it leverages the single-sign-on capabilities of >>> android, and the app can >>> retrieve the Oauth2 token without requiring >>> Authentication from the >>> user. I blogged about it here: >>> >>> http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html >>> >>> Using a promise-based API it's fairly trivial to >>> fallback to a >>> traditional Web authentication/authorisation for >>> the Oauth2 token when >>> the google-play-services approach isn't supported. >>> >>> I'm aware the aerogear team has a Oauth2 cordova >>> plugin [1], but it's >>> not clear to me if the google-play-services >>> integration is supported. >>> If the Aerogeam would find it useful, I'd be more >>> than happy to provide >>> a PR to the aerogear cordova plugin providing such >>> integration. >>> >>> Thoughts? >>> Brian >>> >>> [1] >>> http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth... >>> _______________________________________________ >>> aerogear-dev mailing list >>> aerogear-dev(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/aerogear-dev >>> >>> >>> >>> _______________________________________________ >>> aerogear-dev mailing list >>> aerogear-dev(a)lists.jboss.org >>> https://lists.jboss.org/mailman/listinfo/aerogear-dev >>> >>> >>> >>> >>> -- >>> Sent from Gmail Mobile >>> >>> >>> _______________________________________________ >>> aerogear-dev mailing list >>> aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> >>> https://lists.jboss.org/mailman/listinfo/aerogear-dev >> >> >> _______________________________________________ >> aerogear-dev mailing list >> aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> >> https://lists.jboss.org/mailman/listinfo/aerogear-dev >> >> >> >> >> _______________________________________________ >> aerogear-dev mailing list >> aerogear-dev(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/aerogear-dev > > > > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/aerogear-dev -- Summers Pittman >>Phone:404 941 4698 >>Java is my crack.

Hey Brian, You can. but not necessarily need do that.. You can create your own workflow. Just implement your own: * OAuth2AuthroizationConfigurationProvider * AuthorizationConfiguration * AuthzModule.java And let the |AuthorizationManager| know[1] your new Authz |AuthorizationManager.registerConfigurationProvider(YourNewAuthorizationConfiguration, new YourNewOAuth2AuthroizationConfigurationProvider) | [1] https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... -- Passos ​ On Wed, Feb 25, 2015 at 3:30 PM, Brian Leathem <bleathem(a)gmail.com <mailto:bleathem@gmail.com>> wrote: ... and the devil is in the details. It seems as though all the current AuzthzModules use an http based approach to requesting an Oauth2 token. I see this being done in OAuth2WebFragmentFetchAutorization#doAuthorization method, where an OAuthWebViewDialog is used to trigger the Oauth2 token request. To use Google Play services to trigger an Oauth2 token request, we won't use an http approach, but rather we start an activity to select an account and request an Oauth2 token. Once the token is retrieved it can then be used with the standard http Oauth2 API. (One caveat: the google play services token response doesn't provide a refresh token. I believe this to be a non-issue as the token request process is trivial when using google play services (no authentication step)). I see to ways to implement this feature: 1) Generalize the OAuth2WebFragmentFetchAutorization into an interface, and have one implementation to handle http-based token requests, and second implementation to handle intent-based token requests. 2) Add a OAuth2AuthorizationConfiguration option to use intents instead of http, and trigger a different workflow within the OAuth2WebFragmentFetchAutorization#doAuthorization method if that config is set. My preference is for 2) because it's a) simpler, and b) it is really only during the #doAuthorization method that we have a different approach. Thoughts? I'll start with implementing approach (2) unless I hear otherwise. Brian On 2015-02-24 07:25 PM, Matthias Wessendorf wrote: > > > On Wednesday, February 25, 2015, Daniel Passos <daniel(a)passos.me > <mailto:daniel@passos.me>> wrote: > > No, we are not using Google Play services API for now for > OAuth2 in Android land. > > But feel free create a new AuthzModule[1] for it ;) > > > +1 > > > > [1] https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... > > -- Passos > > > On Tue, Feb 24, 2015 at 4:01 PM, Sebastien Blanc > <scm.blanc(a)gmail.com&gt; wrote: > > Cool stuff Brian ! > The AeroGear OAuth2 Cordova plugin relies on the Native > AeroGear OAuth2 Libraries, so maybe Summers and/or > Daniel could tell more about it. > Sebi > > > On Tue, Feb 24, 2015 at 7:46 PM, Brian Leathem > <bleathem(a)gmail.com&gt; wrote: > > Hey gear-heads, > > I recently wrote a Cordova plugin that retrieves a > Oauth2 token on > Android using Google Play Services. The advantage of > this approach is > it leverages the single-sign-on capabilities of > android, and the app can > retrieve the Oauth2 token without requiring > Authentication from the > user. I blogged about it here: > > http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html > > Using a promise-based API it's fairly trivial to > fallback to a > traditional Web authentication/authorisation for the > Oauth2 token when > the google-play-services approach isn't supported. > > I'm aware the aerogear team has a Oauth2 cordova > plugin [1], but it's > not clear to me if the google-play-services > integration is supported. > If the Aerogeam would find it useful, I'd be more > than happy to provide > a PR to the aerogear cordova plugin providing such > integration. > > Thoughts? > Brian > > [1] > http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth... > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/aerogear-dev > > > > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/aerogear-dev > > > > > -- > Sent from Gmail Mobile > > > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/aerogear-dev _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/aerogear-dev _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev

One way to make this work would be to move the Aerogear Oauth2 API altogether to an intent based one. Users would start an intent to retrieve an Oauth2 token, which we would deliver to their #onActivityResult method, regardless of the mechanism we use. This would also allow us to resolve AGDROID-319 elegantly.

Hello all, So I've gotten pretty close in my implementation, but I've got one blocker: The account selection and Oath2 token request are initiated using an intent. The result is then retrieved by implementing the #onActivityResult method of the initial activity. The problem I'm facing is the original activity exists in the user's application. Nesting activities isn't a solution, as I still don't have access to the top-level activity. Implementing this purely as a cordova plugin is trivial, as I can just @Override the #onActivityResult of the CordovaPlugin class. Do any Android experts have a recommendation on how I can implement this as a generic Android library in android-authz? Alternatively if we implement this directly in the oauth2-codova plugin I have everything we need already complete. Brian On 2015-02-25 10:44 AM, Daniel Passos wrote: > > Hey Brian, > > You can. but not necessarily need do that.. You can create your own > workflow. > > Just implement your own: > > * > > OAuth2AuthroizationConfigurationProvider > > * > > AuthorizationConfiguration > > * AuthzModule.java > > And let the |AuthorizationManager| know[1] your new Authz > > |AuthorizationManager.registerConfigurationProvider(YourNewAuthorizationConfiguration, new YourNewOAuth2AuthroizationConfigurationProvider) > | > > [1] > https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... > > -- Passos > > > ​ > > On Wed, Feb 25, 2015 at 3:30 PM, Brian Leathem <bleathem(a)gmail.com > <mailto:bleathem@gmail.com>> wrote: > > ... and the devil is in the details. > > It seems as though all the current AuzthzModules use an http > based approach to requesting an Oauth2 token. I see this being > done in OAuth2WebFragmentFetchAutorization#doAuthorization > method, where an OAuthWebViewDialog is used to trigger the Oauth2 > token request. > > To use Google Play services to trigger an Oauth2 token request, > we won't use an http approach, but rather we start an activity to > select an account and request an Oauth2 token. Once the token is > retrieved it can then be used with the standard http Oauth2 API. > > (One caveat: the google play services token response doesn't > provide a refresh token. I believe this to be a non-issue as the > token request process is trivial when using google play services > (no authentication step)). > > I see to ways to implement this feature: > > 1) Generalize the OAuth2WebFragmentFetchAutorization into an > interface, and have one implementation to handle http-based token > requests, and second implementation to handle intent-based token > requests. > > 2) Add a OAuth2AuthorizationConfiguration option to use intents > instead of http, and trigger a different workflow within the > OAuth2WebFragmentFetchAutorization#doAuthorization method if that > config is set. > > My preference is for 2) because it's a) simpler, and b) it is > really only during the #doAuthorization method that we have a > different approach. > > Thoughts? I'll start with implementing approach (2) unless I > hear otherwise. > > Brian > > > On 2015-02-24 07:25 PM, Matthias Wessendorf wrote: >> >> >> On Wednesday, February 25, 2015, Daniel Passos <daniel(a)passos.me >> <mailto:daniel@passos.me>> wrote: >> >> No, we are not using Google Play services API for now for >> OAuth2 in Android land. >> >> But feel free create a new AuthzModule[1] for it ;) >> >> >> +1 >> >> >> [1] >> https://github.com/aerogear/aerogear-android-authz/blob/master/aerogear-a... >> >> -- Passos >> >> >> On Tue, Feb 24, 2015 at 4:01 PM, Sebastien Blanc >> <scm.blanc(a)gmail.com&gt; wrote: >> >> Cool stuff Brian ! >> The AeroGear OAuth2 Cordova plugin relies on the Native >> AeroGear OAuth2 Libraries, so maybe Summers and/or >> Daniel could tell more about it. >> Sebi >> >> On Tue, Feb 24, 2015 at 7:46 PM, Brian Leathem >> <bleathem(a)gmail.com&gt; wrote: >> >> Hey gear-heads, >> >> I recently wrote a Cordova plugin that retrieves a >> Oauth2 token on >> Android using Google Play Services. The advantage >> of this approach is >> it leverages the single-sign-on capabilities of >> android, and the app can >> retrieve the Oauth2 token without requiring >> Authentication from the >> user. I blogged about it here: >> >> http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html >> >> Using a promise-based API it's fairly trivial to >> fallback to a >> traditional Web authentication/authorisation for the >> Oauth2 token when >> the google-play-services approach isn't supported. >> >> I'm aware the aerogear team has a Oauth2 cordova >> plugin [1], but it's >> not clear to me if the google-play-services >> integration is supported. >> If the Aerogeam would find it useful, I'd be more >> than happy to provide >> a PR to the aerogear cordova plugin providing such >> integration. >> >> Thoughts? >> Brian >> >> [1] >> http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth... >> _______________________________________________ >> aerogear-dev mailing list >> aerogear-dev(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/aerogear-dev >> >> >> >> _______________________________________________ >> aerogear-dev mailing list >> aerogear-dev(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/aerogear-dev >> >> >> >> >> -- >> Sent from Gmail Mobile >> >> >> _______________________________________________ >> aerogear-dev mailing list >> aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> >> https://lists.jboss.org/mailman/listinfo/aerogear-dev > > > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/aerogear-dev > > > > > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/aerogear-dev _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev

>Phone:404 941 4698 >Java is my crack.

On 2015-02-26 07:13 AM, Summers Pittman wrote: > I really, really, REALLY wish Google hadn't made Android a class and > had gone for an injection/composition programming model instead. > It's like they weren't even paying any attention to academic and > professional literature about OO and Java in 2006... Agreed - it's a severe limitation indeed. In terms of landing the google-play-services oauth2-token request feature I am trying to implement, I see a number of paths forward: 1) Rewrite the Aeroegear Oauth2 API altogether to be intenet based, providing users the token via the #onActivityResult method. This would mostly just be adding a layer in front of the existing API, and shouldn't be too honerous. It would however be a breaking change for downstream applications. 2) Leave the google-play-services request out of android-authz (Android users can initiate the play-services intent themselves if they want). Instead I would implement this feature only in the oauth2-codova plugin where I can receive the intent response. 3) Explore using an Android Service to handle Oauth2 token requests. I believe we would be able to trigger an intent and retrieve the result from within the service, then provide it to the downstream application from the service. It's a little unclear as to whether starting intents from a Service is good practice. My vote would be to pursue 2) for now, with a note about 1) being added to AGDROID-319 to be treated in a future revision.

Thoughts?

>Phone:404 941 4698 >Java is my crack.

On 24 Feb,2015, at 19:46 , Brian Leathem <bleathem(a)gmail.com&gt; wrote: Hey gear-heads, I recently wrote a Cordova plugin that retrieves a Oauth2 token on Android using Google Play Services. The advantage of this approach is it leverages the single-sign-on capabilities of android, and the app can retrieve the Oauth2 token without requiring Authentication from the user. I blogged about it here: http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html Using a promise-based API it's fairly trivial to fallback to a traditional Web authentication/authorisation for the Oauth2 token when the google-play-services approach isn't supported. I'm aware the aerogear team has a Oauth2 cordova plugin [1], but it's not clear to me if the google-play-services integration is supported. If the Aerogeam would find it useful, I'd be more than happy to provide a PR to the aerogear cordova plugin providing such integration. Thoughts? Brian [1] http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth... _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev

+1 on joing forces :-) (see also passos' hint) hehe On Wed, Feb 25, 2015 at 8:01 AM, Erik Jan de Wit <edewit(a)redhat.com <mailto:edewit@redhat.com>> wrote: Hi Brian, Cool stuff, seems like your javascript api is very similar to what we have on the cordova plugin. Would be great if you could add it. Cheers, Erik Jan > On 24 Feb,2015, at 19:46 , Brian Leathem <bleathem(a)gmail.com <mailto:bleathem@gmail.com>> wrote: > > Hey gear-heads, > > I recently wrote a Cordova plugin that retrieves a Oauth2 token on > Android using Google Play Services. The advantage of this approach is > it leverages the single-sign-on capabilities of android, and the app can > retrieve the Oauth2 token without requiring Authentication from the > user. I blogged about it here: > > http://www.bleathem.ca/blog/2015/02/cordova-oauth-google-services.html > > Using a promise-based API it's fairly trivial to fallback to a > traditional Web authentication/authorisation for the Oauth2 token when > the google-play-services approach isn't supported. > > I'm aware the aerogear team has a Oauth2 cordova plugin [1], but it's > not clear to me if the google-play-services integration is supported. > If the Aerogeam would find it useful, I'd be more than happy to provide > a PR to the aerogear cordova plugin providing such integration. > > Thoughts? > Brian > > [1] > http://staging-aerogearsite.rhcloud.com/docs/specs/aerogear-cordova/OAuth... > _______________________________________________ > aerogear-dev mailing list > aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/aerogear-dev _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org <mailto:aerogear-dev@lists.jboss.org> https://lists.jboss.org/mailman/listinfo/aerogear-dev -- Matthias Wessendorf blog: http://matthiaswessendorf.wordpress.com/ sessions: http://www.slideshare.net/mwessendorf twitter: http://twitter.com/mwessendorf _______________________________________________ aerogear-dev mailing list aerogear-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/aerogear-dev