java-photoslibrary icon indicating copy to clipboard operation
java-photoslibrary copied to clipboard

Published 20 hours ago verified publisher icon google

Android authentication

Open pompe84 opened this issue 5 years ago • 5 comments

Hi, how would one authenticate when using android. Can't really find any tutorials.

pompe84 avatar Dec 21 '18 11:12 pompe84

Unfortunately you have to use REST api. You have to log user in using Google Sign-In, request appropriate scopes, then get token from GoogleSignInAccount.getIdToken. You can learn more here: https://developers.google.com/identity/sign-in/android/start-integrating When you have your token, append it to each api request you make. I used Retrofit to call REST api. You must remember that each token has short lifespan, so you want to refresh it. I solved it using Firebase Auth. I used Google Auth Token to log in to Firebase Auth (remember to enable Google provider in Firebase console). Firebase keeps auth token fresh for you, so you don't have to implement auth logic yourself, it's not trivial and you have to remember about many edge cases. Tried to use Firebase Auth Token in photos api directly but it didn't work.

krisu7 avatar Dec 29 '18 02:12 krisu7

@krisu7 Hi.. I am facing issues using the photos api in android. I would really appreciate your help on this implementing the library using either rest or java client library. Thank you. email : [email protected]

erickogi avatar Feb 03 '19 10:02 erickogi

I was able to get a solutions to the issue https://github.com/erickogi/AndroidGooglePhotosApi

Hope it helps

erickogi avatar Feb 05 '19 11:02 erickogi

Unfortunately the library doesn't support native Android authentication at the moment. (It's something that's on our radar, but it requires some extra work.) Unfortunately there's no specific timeline yet to address this.

If your app has a server component, you could use the server-side access through Google Sign-in to access the API that way. Note that you should not exchange the "server auth code" for an access token on the device itself - this could lead to potential security issues.

Alternatively, there's the Authorizing and Using REST APIs flow if you want to handle everything on the device, but you'll need to make your own HTTP REST requests to the Library API endpoints. (Using a library like retrofit for example.)

jfschmakeit avatar Feb 05 '19 23:02 jfschmakeit

It's been over a year now, has there been any progress to adding native Android authentication yet?

jordond avatar Mar 19 '20 15:03 jordond