Skip to content Skip to sidebar Skip to footer
Home / Accountmanager / Android / Google Api

Obtaining A Basic Google Auth-token From Accountmanager

Post a Comment
I want to obtain a Google Authtoken from the AccountManager that I can send to my Webservice (not hosted on App Engine) to authenticate the User (I just need the email address and

Solution 1:

This is doable using OpenID Connect, however it's sort of experimental, so details could change in the future. If you get an OAuth token for the 'https://www.googleapis.com/auth/userinfo.email' or 'https://www.googleapis.com/auth/userinfo.profile' scope you can use it to get user info from https://www.googleapis.com/oauth2/v1/userinfo (including email). Of course the user needs to authorize this.

You should theoretically be able to get the token from AcccountManager using the "oauth2:https://www.googleapis.com/auth/userinfo.profile" as the token type, but that doesn't appear to work on my device (Galaxy Nexus with stock 4.0.4). Since getting a token via the AccountManager doesn't work (at least for now), the only reliable way is to use a WebView and get one via the browser as described here: https://developers.google.com/accounts/docs/MobileApps

There is a demo web app here that does this: https://oauthssodemo.appspot.com

(late) Update: Google Play Services has been released and it is the preferred way to get an OAuth token. It should be available on all devices with Android 2.2 and later. Getting a profile token does work with it, in fact they use it in the demo app

Solution 2:

I have had problems with this as well, since I was not able to find anything like a reference. Perhaps this can help you (code copied from an Android example on using the account manager):

  1. Somewhere in an event handler of your Android app, issue a request for an auth token to get the user's email address in Android:

    _accountMgr = AccountManager.get(this);
Account [] accounts = _accountMgr.getAccounts();                
Account account = accounts[0];   // For me this is Google, still need to figure out how to get it by name.
_accountMgr.getAuthToken(account, AUTH_TOKEN_TYPE, false, new GetAuthTokenCallback(), null);

  2. In the callback, extract the access token:

    privateclassGetAuthTokenCallbackimplementsAccountManagerCallback<Bundle> {
    publicvoidrun(AccountManagerFuture<Bundle> result) {
        Bundle bundle;
        try {
            bundle = result.getResult();
            finalStringaccess_token= bundle.getString(AccountManager.KEY_AUTHTOKEN);
            // store token somewhere you can supply it to your web server.
        } catch (Exception e) {
            // do something here.
        }
    }
}

  3. Make some request to your web server, supplying the access token.

  4. On the web server, validate the access token and obtain the email address:

    curl -d 'access_token=<this is the token the app sent you>' https://www.googleapis.com/oauth2/v1/tokeninfo

    You should get something like this:

    {"issued_to":"<something>.apps.googleusercontent.com","audience":"<something>.apps.googleusercontent.com","scope":"https://www.googleapis.com/auth/userinfo.email","expires_in":3562,"email":"<users email address>","verified_email":true,"access_type":"online"}

    or if something went wrong:

    {"error":"invalid_token","error_description":"Bad Request"}

Solution 3:

You can get the User's name with the Google+ People API. (It will not provide the user's email address).

If this is OK, you can use "Know who you are on Google" as the authTokenType.

There is a sample application provided by Google that demonstrates how to use the AndroidAccountManager in conjunction with the Google+ APIs.

Link: http://code.google.com/p/google-plus-java-starter/source/browse/#hg%2Fandroid

Post a Comment for "Obtaining A Basic Google Auth-token From Accountmanager"