如何从 Android Google 令牌创建解析 _User 帐户? [英] How to create a parse _User account from a Android Google token?

问题描述

我发现了一些有用的信息片段.

I've found some fragments of useful information.

http://blog.parse.com/announcements/bring-your-own-login/ 向我展示了如何登录 Android 应用一次我有一个 Parse 令牌.

http://blog.parse.com/announcements/bring-your-own-login/ shows me how to login an Android app once I have a Parse token.

我可以成功获取手机 Google 帐户的 Google 令牌.

I can successfully obtain a Google token for a phone's Google account.

https://developers.google.com/android/guides/http-auth>

/**
 * Gets an authentication token from Google and handles any
 * GoogleAuthException that may occur.
 */
protected String fetchToken() throws IOException {
    try {
        return GoogleAuthUtil.getToken(mActivity, mEmail, mScope);
    } catch (UserRecoverableAuthException userRecoverableException) {
        // GooglePlayServices.apk is either old, disabled, or not present
        // so we need to show the user some UI in the activity to recover.
        mActivity.handleGoogleException(userRecoverableException);
    } catch (GoogleAuthException fatalException) {
        // Some other type of unrecoverable exception has occurred.
        // Report and log the error as appropriate for your app.
    }
    return null;
}

如何让 Parse 使用 Google 令牌来创建 Parse 令牌?

How can get Parse to use a Google token to create a Parse token?

我认为这将涉及编写一些 Cloud Code，但我不清楚 Cloud Code 应该做什么.我认为它需要为 Google 令牌创建或找到一个新的 _User 并返回 Parse 令牌.

I assume that this will involve writing some Cloud Code, but I'm not clear on what that Cloud Code should do. I think it needs to create or find a new _User for the Google token and return the Parse token.

是否有任何关于如何处理 Google Android 登录/注册的 Parse Cloud Code 示例，或除 Facebook/Twitter 之外的任何示例?

Are there any Parse Cloud Code examples of how to handle Google Android login/signup, or examples of anything other than Faceboook/Twitter?

推荐答案

注意:此答案不适用于 Open Source Parse Server，因为它仅使用可撤销会话.查看 parse-server/issues/1392 以获取进一步更新

Note: This answer does not apply to the Open Source Parse Server, as it uses revocable sessions only. Check out parse-server/issues/1392 for further update

更新(2016 年 1 月):

您需要关闭可撤销会话才能调用getSessionToken 在 Parse.User 上.转到应用设置 >> 用户 >> 关闭需要可撤销的会话.这在2016年已经不是新鲜事了，但是在给出答案的时候，作者并不知道这个变化.

You need to turn off Revocable Session in order to call getSessionToken on Parse.User. Go to App Settings >> Users >> Turn off Require revocable sessions. This is not new in 2016, but at the time of giving answer, the author did not know of this change.

为了更容易理解，我将分为两种情况:新用户和回访用户.

I will break into 2 cases for easier to follow: New User and Returning User.

流程如下:

1. 用户授权并获取令牌
2. 我们使用随机密码创建一个新用户

您可以在返回电子邮件的 newChooseAccountIntent() 方法中使用以下代码创建 ParseUser.

You can create a ParseUser using following code inside the newChooseAccountIntent() method that return email.

ParseUser user = new ParseUser();
user.setUsername(mEmail);
user.setPassword(randomPassword);
user.setEmail(mEmail);
user.signUpInBackground(new SignUpCallback() {
  public void done(ParseException e) {
    if (e == null) {
      // Hooray! Let them use the app now.
    } else {
      // Sign up didn't succeed. Look at the ParseException
      // to figure out what went wrong
    }
  }
});

2.回访用户

正如我在互联网上研究的那样，这是大多数人坚持的地方.流程如下:

2. Returning User

This is the where most of people stuck, as I researched over the Internet. The flow is as below:

1. 用户授权，应用获得令牌
2. 我们将此令牌传递给 Cloud Code 进行验证.我们需要检查此令牌是否由 Google 签名以及它是否适合我们(android 开发人员(2013 年)).
3. 验证令牌有效后，您可以使用Parse.Cloud.useMasterKey() 方法在Cloud Code 中查询用户并使用getSessionToken() 查询结果的方法.
4. 通过调用 becomeInBackground 方法，使用会话密钥将登录状态保存在磁盘上

1. User authorizes and the app gets a token
2. We pass this token to Cloud Code to validate. We need to check if this token is signed by Google and if it is meant for us (android-developers (2013)).
3. After you can verify that the token is valid, you can query for the user in Cloud Code using Parse.Cloud.useMasterKey() method and return the session key by using getSessionToken() method on the query result.
4. Use the session key to save login state on disk by calling becomeInBackground method

要验证令牌，您可以将 Parse.Cloud.httprequest 发送到此端点:https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=.这在 Google 身份文档中有说明.您将收到如下数据:

To validate the token, you can send Parse.Cloud.httprequest to this endpoint: https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=. This is instructed in Google Identity Documentation. You will receive data as below:

{
 "iss": "https://accounts.google.com",
 "sub": "110169484474386276334",
 "azp": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
 "email": "billd1600@gmail.com",
 "at_hash": "X_B3Z3Fi4udZ2mf75RWo3w",
 "email_verified": "true",
 "aud": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
 "iat": "1433978353",
 "exp": "1433981953"
}

需要比较的是aud"、azp"和email"，分别翻译为受众、授权方和电子邮件.

Things need to compare are "aud", "azp" and "email" which are translated as audience, authorized party and email.

在 Cloud Code 上查询当前用户:

var query = new Parse.Query(Parse.User);
query.equalTo("email",mEmail);
query.first({
  success: function(user) {
    // Use user..getSessionToken() to get a session token
  },
  error: function(user, error) {
    //
  },
  useMasterKey: true
});

注意:确保您有以下范围，以便在您检查 Cloud Code 时显示电子邮件:https://www.googleapis.com/auth/plus.profile.emails.read

Note: Make sure you have following scope so that the email will show up when you check on Cloud Code: https://www.googleapis.com/auth/plus.profile.emails.read

这篇关于如何从 Android Google 令牌创建解析 _User 帐户?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！