Android的验证谷歌传递给谷歌App Engine的帐户 [英] Android authentication to google accounts passed on to Google App Engine

问题描述

在我深入实施这种特殊设计的细节，我想我是否正确地接近它的一些建议/验证。我的Andr​​oid的入门知识，在Python先进的初学者，GAE和OpenID的。

Before I dig into the details of implementing this particular design, I wanted some advice/validation on whether I was approaching it correctly. I have a beginners knowledge of Android, advanced beginner in Python, GAE, and OpenId.

• Android应用程序
在谷歌应用程序引擎内置在Python
• Web服务
• 用户（S）与谷歌帐户

• Android application
• Web Services built in Python on Google App Engine
• User(s) with Google Account

我希望能够在我的Andr​​oid应用程序的登录功能，而无需编写自己的认证系统的GAE。在应用程序，用户应该能够作为嘉宾的播放而无需保存高分的能力。如果用户想有救了他的高分，他将验证对Android设备上他的谷歌帐户。在比赛结束后，通过对谷歌的App Engine游戏的Web服务的身份验证的用户高分将被保存（与他的谷歌帐户相关联）。用户也应该能够注销和手设备的朋友谁也可以登录，玩游戏，并保存她与谷歌帐户相关联的高分。

I want to enable sign-in capabilities in my Android application without writing my own authentication system in GAE. Within the app, the user should be able to play as a guest without the ability to save high scores. If a user would like to have his high scores saved, he would authenticate against his Google account on the Android device. At the end of the game, the authenticated users high score would be saved (associated with his Google Account) via the game's web services on Google App Engine. The user should also be able to sign-out and hand the device to a friend who could also log in, play a game, and save her high scores associated with her Google account.

1. 在Android应用程序，使用的OpenID认证，只要用户希望签到（使用沿着什么尼克已经发布的这里。
2. 从返回的cookie抓住OpenID的标记，并将其与当前用户相关联。
3. 请一个Web服务调用到GAE服务加入令牌作为一个cookie，并包括高分数
4. Web服务将身份验证令牌有效
5. Web服务将确定独特的谷歌帐户ID与令牌相关的（不知道如何做到这一点，但假设应该有办法做到这一点）和查找，对交叉引用表的唯一ID找到用户在游戏中的ID（这是在帐户设置过程pviously创建$ P $）
6. 保存与游戏中的ID相关联的高分。
7. 允许注销，以便其他用户可以登录到他们的谷歌帐户的游戏，重复上面的过程

1. In the Android application, use OpenId for authentication whenever the user wishes to sign-in (using something along the lines of what Nick has posted here.
2. Grab the OpenId token from the cookie that is returned and associate it with the current user.
3. Make a web service call to the GAE services adding the token as a cookie and including the high score
4. The web service would authenticate that the token is valid
5. The web service would determine the unique Google accounts id associated with the token (don't know how to do this, but assuming there should be a means to do this) and lookup that unique id against a cross reference table to find the users in-game id (which was previously created during account setup)
6. Save the high score associated with the in-game id.
7. Allow logout so another user can login to the game with their Google Account and repeat above process

感谢您的帮助

推荐答案

您可能会发现<一href="http://www.google.com/events/io/2011/sessions/android-app-engine-a-developer-s-dream-combination.html"相对=nofollow> 2011 + Android的App Engine的IO 说话有帮助的。

You might find the 2011 Android + App Engine IO talk helpful.

这篇关于Android的验证谷歌传递给谷歌App Engine的帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！