web服务的凭据 - OpenID的/ Android的的AccountManager? [英] Webservice credentials - OpenID/Android AccountManager?
问题描述
我建立一个web服务,并希望使用该用户的谷歌帐户凭据。
I'm building a webservice and would like to use the user's google account credentials.
该服务在GAE上运行,将有一个Web客户端和Android原生客户端。
The service runs on GAE and will have a web client and an Android native client.
这是这样的事情我第一次尝试,我一直在阅读有关的OpenID和Android的AccountManager库。
This is my first attempt of something like this and I've been reading about OpenID and the Android AccountManager library.
我仍然不知道什么是我在存储用户数据存储我的角度选择。我应该使用什么标识?是否有可能在一个原生的Android应用程序中使用OpenID的?
I'm still not sure what are my options in terms of storing the users in my Datastore. What Identifier should I use ? Is it possible to use OpenID on a native Android application ?
任何帮助和/或指针将AP preciated。谢谢你。
Any help and/or pointers would be appreciated. Thanks.
推荐答案
我们对过去的项目类似的要求:GAE后端与前端GWT和Android / iPhone客户端。此外,我们不希望存储用户凭据。
We had a similar requirements on the last project: GAE backend with GWT frontend and Android/iPhone clients. Also, we did not want to store user credentials.
所以我们选择使用OpenID的,这是一个不幸的Web标准,并没有与移动设备上播放,但是是可行的。
So we choose to use OpenID, which is unfortunately a Web standard and does not play well with mobile devices, but is doable.
在GAE方面,我们简单地使这给了我们的OpenID联合登录。
On the GAE side we simply enabled federated login which gave us OpenID.
在移动设备上,当用户需要登录我们present给他们一个列表运算的OpenID认证器(谷歌,雅虎等)。然后,我们打开一个本地浏览器(没有嵌入式浏览器)和直接用户选择的OpenID身份验证的网站。好处是,用户的浏览器通常已经拥有用户名/密码记忆,所以这个步骤只需要用户在preSS一个按钮。
On mobile devices, when user needs to login we present to them a list op OpenID authenticators (Google, Yahoo, etc..). Then we open a native browser (not embedded browser) and direct user to chosen OpenID authentication site. The upside is that user's browser usually already has username/pass remembered, so this step just requires user to press one button.
这是所有pretty的简单。现在这里是棘手的部分: 经过用户确认登录,OpenID的重定向回我们的GAE返回URL(您需要提供该网址时提出要求)。在这个网址,我们创建一个自定义URL,例如:
This is all pretty straightforward. Now here is the tricky part: After user confirms login, OpenID redirects back to our GAE return url (you need to provide this url when request is made). On this url we create a custom URL, for example:
yourappname://usrname#XXXYYYZZZ
在这里XXXYYYZZZZ是身份验证令牌。我们从那里它存储为ACSID饼干返回页面此令牌:我们使用了一些JSP读取这个cookie,并把它包装成以上自定义网址
where XXXYYYZZZZ is auth token. We get this token from the return page where it's stored as an ACSID cookie: we used some JSP to read this cookie and wrap it into above custom URL.
然后,我们注册了Android和iPhone应用程序来处理 yourappname:// 的URL,这样当用户cliskc这个环节,我们的应用程序被调用,链接传递给它。我们提取用户名,并从这个链接令牌,我们用它在REST请求到GAE后台。
Then we register our Android and iPhone apps to handle the yourappname:// URLs, so that when user cliskc this link, our app is invoked and the link is passed to it. We extract user name and token from this link and we use it in REST requests to the GAE backend.
如果您有任何问题我会很高兴地更新这个帖子。
If you have any more questions I'd gladly update this post.
更新:
生产AppEngine上的用户会话cookie被命名为 ACSID ,而开发AppEngine上的服务器上它的命名 dev_appserver_login 。
The user session cookie on production AppEngine is named ACSID, while on development AppEngine server it's named dev_appserver_login.
这篇关于web服务的凭据 - OpenID的/ Android的的AccountManager?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
