To use the Google Play Store, users must be signed in to a Google account on their phones; therefore, if your application connects to a Google App Engine backend to store and retrieve data related to a particular user, you can use the Account Manager to handle the authentication.
The Account Manager enables you to ask users for permission to retrieve an authentication token, which, in turn, can be used to obtain a cookie from your server that can then be used to make future authenticated requests.
To retrieve accounts and authentication tokens from the Account Manager, your application requires the GET_ACCOUNTS uses-permission:
<uses-permission android:name=”android.permission.GET_ACCOUNTS”/>
Making authenticated Google App Engine requests is a three-part process:
- Request an auth token.
- Use the auth token to request an auth cookie.
- Use the auth cookie to make authenticated requests.
Requesting an auth token
String acctSvc = Context.ACCOUNT_SERVICE;
AccountManager accountManager = (AccountManager)getSystemService(acctSvc);
Account[] accounts = accountManager.getAccountsByType(“com.google”);
if (accounts.length > 0)
accountManager.getAuthToken(accounts[0], “ah”, false,
myAccountManagerCallback, null);
private static int ASK_PERMISSION = 1;
private class GetAuthTokenCB implements AccountManagerCallback<Bundle> {
public void run(AccountManagerFuture<Bundle> result) {
try {
Bundle bundle = result.getResult();
Intent launch = (Intent)bundle.get(AccountManager.KEY_INTENT);
if (launch != null)
startActivityForResult(launch, ASK_PERMISSION);
else {
// Extract the auth token and request an auth cookie.
}
}
catch (Exception ex) {}
}
};
If the key’s value is not null, you must start a new Activity using the bundled Intent to request the user’s permission. The user will be prompted to approve or deny your request. After control has been passed back to your application, you should request the auth token again.
The auth token is stored within the Bundle parameter against the AccountManager.KEY_ AUTHTOKEN, as follows:
String auth_token = bundle.getString(AccountManager.KEY_AUTHTOKEN);
You can use this token to request an auth cookie from Google App Engine by configuring an httpClient and using it to transmit an HttpGet request, as follows:
DefaultHttpClient http_client = new DefaultHttpClient();
http_client.getParams().setBooleanParameter(ClientPNames.HANDLE_REDIRECTS, false);
String getString = “https://[yourappsubdomain].appspot.com/_ah/login?” +
“continue=http://localhost/&auth=” +
auth_token;
HttpGet get = new HttpGet(getString);
HttpResponse response = http_client.execute(get);
If the request was successful, simply iterate over the Cookies stored in the HTTP Client’s Cookie Store to confirm the auth cookie has been set. The HTTP Client used to make the request has the authenticated cookie, and all future requests to Google App Engine using it will be properly authenticated.
if (response.getStatusLine().getStatusCode() != 302)
return false;
else {
for (Cookie cookie : http_client.getCookieStore().getCookies())
if (cookie.getName().equals(“ACSID”)) {
// Make authenticated requests to your Google App Engine server.
}
}