search

google / java-photoslibrary

Java client library for the Google Photos Library API
http://developers.google.com/photos
Apache License 2.0
108 stars 64 forks source link

Android authentication #2

Open pompe84 opened 5 years ago

pompe84 commented 5 years ago

Hi, how would one authenticate when using android. Can't really find any tutorials.

krisu7 commented 5 years ago

Unfortunately you have to use REST api. You have to log user in using Google Sign-In, request appropriate scopes, then get token from GoogleSignInAccount.getIdToken. You can learn more here: https://developers.google.com/identity/sign-in/android/start-integrating When you have your token, append it to each api request you make. I used Retrofit to call REST api. You must remember that each token has short lifespan, so you want to refresh it. I solved it using Firebase Auth. I used Google Auth Token to log in to Firebase Auth (remember to enable Google provider in Firebase console). Firebase keeps auth token fresh for you, so you don't have to implement auth logic yourself, it's not trivial and you have to remember about many edge cases. Tried to use Firebase Auth Token in photos api directly but it didn't work.

erickogi commented 5 years ago

@krisu7 Hi.. I am facing issues using the photos api in android. I would really appreciate your help on this implementing the library using either rest or java client library. Thank you. email : erickogi14@gmail.com

erickogi commented 5 years ago

I was able to get a solutions to the issue https://github.com/erickogi/AndroidGooglePhotosApi

Hope it helps

jfschmakeit commented 5 years ago

Unfortunately the library doesn't support native Android authentication at the moment. (It's something that's on our radar, but it requires some extra work.) Unfortunately there's no specific timeline yet to address this.

If your app has a server component, you could use the server-side access through Google Sign-in to access the API that way. Note that you should not exchange the "server auth code" for an access token on the device itself - this could lead to potential security issues.

Alternatively, there's the Authorizing and Using REST APIs flow if you want to handle everything on the device, but you'll need to make your own HTTP REST requests to the Library API endpoints. (Using a library like retrofit for example.)

jordond commented 4 years ago

It's been over a year now, has there been any progress to adding native Android authentication yet?