• Home
  • Raw
  • Download

Lines Matching refs:to

1 page.title=Authenticating to OAuth2 Services
16 <h2>This lesson teaches you to</h2>
21   <li><a href="#ConnectToService">Connect to the Online Service</a></li>
26 <p>In order to securely access an online service, users need to authenticate to
27 the service&mdash;they need to provide proof of their identity. For an
29 more complicated. Not only does the user need to be authenticated to access the
30 service, but the application also needs to be authorized to act on the user's
33 <p>The industry standard way to deal with authentication to third-party services
36 authorization to act on the user's behalf. This lesson demonstrates connecting
37 to a Google server that supports OAuth2. Although Google services are used as an
43 <li>Getting permission from the user to access an online service using his or
45 <li>Authenticating to an online service on behalf of the user.</li>
52 <p>To begin using OAuth2, you need to know a few things about the API you're trying
53 to access:</p>
56 <li>The url of the service you want to access.</li>
59 read-only access to Google Tasks is <code>View your tasks</code>, while the auth
60 scope for read-write access to Google Tasks is <code>Manage Your
63 strings that identify your app to the service. You need to obtain these strings
68 how to use this system to obtain these values for use with the Google Tasks
75 <p>Now you're ready to request an auth token. This is a multi-step process.</p>
80 <p>To get an auth token you first need to request the
82 to your manifest file. To actually do anything useful with the
83 token, you'll also need to add the {@link android.Manifest.permission#INTERNET}
96 android.accounts.AccountManager#getAuthToken AccountManager.getAuthToken()} to get the
102 your auth work in one function, you need to implement it as a series of callbacks. For example:</p>
142 android.accounts.AccountManager#KEY_AUTHTOKEN} key and you're off to the races. Things don't
151 <li>An error in the device or network caused {@link android.accounts.AccountManager} to fail.</li>
152 <li>The user decided not to grant your app access to the account.</li>
153 <li>The stored account credentials aren't sufficient to gain access to the account.</li>
158 showing an error message to the user. If the network is down or the user decided
159 not to grant access, there's not much that your application can do about it. The
161 are expected to handle these failures automatically.</p>
167 then the authenticator is telling you that it needs to interact directly with the user before it can
170 <p>There may be many reasons for the authenticator to return an {@link android.content.Intent}. It
171 may be the first time the user has logged in to this account. Perhaps the user's account has expired
172 and they need to log in again, or perhaps their stored credentials are incorrect. Maybe the account
173 requires two-factor authentication or it needs to activate the camera to do a retina scan. It
174 doesn't really matter what the reason is. If you want a valid token, you're going to have to fire
175 off the {@link android.content.Intent} to get it.</p>
197 it's impossible to tell whether the user has successfully authenticated or not.
201 android.accounts.AccountManager#getAuthToken AccountManager.getAuthToken()} again to request the new
205 android.accounts.AccountManager} failure. The only way to discover whether a token is expired or not
206 is to contact the server, and it would be wasteful and expensive for {@link
207 android.accounts.AccountManager} to continually go online to check the state of all of its tokens.
208 So this is a failure that can only be detected when an application like yours tries to use the auth
209 token to access an online service.</p>
212 <h2 id="ConnectToService">Connect to the Online Service</h2>
214 <p>The example below shows how to connect to a Google server. Since Google uses the
215 industry standard OAuth2 protocol to
218 server is different. You may find yourself needing to make minor adjustments to
219 these instructions to account for your specific
222 <p>The Google APIs require you to supply four values with each request: the API
226 …ts.AccountManagerCallback,android.os.Handler) AccountManager.getAuthToken()}. You pass these to the
249 cheap operation for your server, you might prefer to call {@link
251 first call to {@link android.accounts.AccountManager#getAuthToken AccountManager.getAuthToken()},
252 and spare yourself the need to request an auth token twice.</p>