安卓的auth_token验证和使用服务器端
问题描述:
我如何能够验证从
token = bundle.getString(AccountManager.KEY_AUTHTOKEN);
在我得到的新用户在Android上我需要将其插入到我的数据库服务器端,但我需要验证令牌不知何故之前,我做。
After I get the new user on Android I need to insert them into my database server side, but I need to validate that token somehow before I do.
我想用这样的标记:
url = 'https://www.googleapis.com/oauth2/v1/userinfo?access_token=%s' % access_token
但谷歌将返回未授权访问。
but Google is returning 'Unauthorized Access'.
我如何可以访问
https://www.googleapis.com/oauth2/v1/userinfo
使用Android的AccountManager前提的auth_token?
using the Android AccountManager provided 'auth_token' ?
答
您很可能只是缺少 oauth2: preFIX在authTokenType面前
You're probably just missing the oauth2: prefix in front of your authTokenType.
这code工作:
// Note the `oauth2:` prefix
private static final String AUTH_TOKEN_TYPE_USERINFO_PROFILE =
"oauth2:https://www.googleapis.com/auth/userinfo.profile";
// TODO: allow the use to choose which account to use
Account acct = accountManager.getAccountsByType("com.google")[0];
accountManager.getAuthToken(acct, AUTH_TOKEN_TYPE_USERINFO_PROFILE,
null, this, new AccountManagerCallback<Bundle>() {
@Override
public void run(AccountManagerFuture<Bundle> future) {
try {
String accessToken = future.getResult().getString(
AccountManager.KEY_AUTHTOKEN);
Log.i(TAG, "Got OAuth2 access token: " + accessToken);
/*
Your code here. Use one of two options. In each case replace ... with
the above OAuth2 access token:
1) GET https://www.googleapis.com/oauth2/v1/userinfo?access_token=...
2) GET https://www.googleapis.com/oauth2/v1/userinfo with this header:
Authorization: Bearer ...
*/
} catch (OperationCanceledException e) {
// TODO handle this case
Log.w(TAG, "The user has did not allow access");
} catch (Exception e) {
// TODO handle this exception
Log.w(TAG, "Unexpected exception", e);
}
}
}, null);
}