For example, user is navigating to google.com in WebView.
Is it possible to authorize him there via Google Account Picker (something like described here https://developers.google.com/android/guides/http-auth) to simplify authorization instead of manually logging in via web form? Android Web browsers (for example, Google Chrome) are authorizing user via this method).
Part I: Using the Google Plus Services API
If I understand your question correctly, you may be able to achieve what you are trying to do using the Google Plus Services API.
You create your GoogleSignInOptions
and then create your GoogleApiClient
using these sign-in options. From there, you use the Auth.GoogleSignInApi.getSignInIntent
with your GoogleApiClient
as the parameter.
This intent should launch a SignInIntent
that presents the Google account picker (that will include accounts that have been accessed on the device previously, and the ability to add another account).
Once you get back the GoogleSignInResult
, you can verify that the user was authenticated and then create the authentication flow as you would otherwise.
Even included in the Android SDK is the Google SignInButton
, which you can use right in your layout instead of having to create a custom button for the sign-in.
Part II: Using WebViewClient
Now, if you are trying to use a WebView
to authenticate them, your best bet is to extend the WebViewClient
class.
Things you will need: clientId
, clientSecret
, and clientScope
(all of these details will be given for you when you create your application in the Google Developer Console)
First things first, your URL to authorize will probably be as follows: https://accounts.google.com/o/oauth2/auth?response_type=code&clientId={your client id}&state={SOMESTATEINFO}&access_type=offline
(access type if you want offline access). This should be the initial URL of your WebView
Next, you will want to modify your extended WebViewClient class. What you will want to do is override the shouldOverrideUrlLoading(WebView webView, String url)
method to listen for your redirectURL
. Probably the easiest thing to do is to use url.startsWith(<your redirect URL>)
to detect this. You can then parse the response. If your response contains error
, then it means something went wrong. Otherwise, you should get back two fields in the URL: code
and state
. If you do not get error
back, then return true
for shouldOverrideUrlLoading
.
Once you get your code
, you can create a new GoogleAuthorizationCodeFlow
, using your client, scopes, and secrets.
Once you have your flow, you will need a GoogleTokenResponse
, which you will be able to get using the code
obtained above for your authorization code, using GoogleTokenResponse response = flow.newTokenResponse(<code>).setRedirectUri(<redirectUri>).execute()
.
Once you have done this, and you have your response
, you can get your Credential
using flow.createAndStoreCredential(response, null)
.
And voila, using this Credential
, you can authenticate your calls.
Caveats I have not been able to get the WebView
to recognize accounts that have been signed into on other web browsers, so the account picker may only show the accounts that have been signed into on the app-specific WebView.
tl;dr It is possible to do this with a WebView
and WebViewClient
, but it's messy and a little bit more roundabout than using the Google Plus Services API.
This example better illustrates the authorization flow/credential stuff once you get the authorization code and such.
And here's some documentation on the WebViewClient that may be useful as well.
Hope this helps point you in the right direction!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With