Android Coding Topic: Supporting OAuth identity authorisation
Time for another in our series of coding topics, this time touching on the issue of sign-ins.
Everyone working online must be suffering from login/password overload and OAuth is an open standard for authorisation that is attempting to address this.
Here is an interesting article from Google about how to support OAuth 2.0 and Google Play services (a way of integrating Google’s social media, such as Google+, into Android apps). See Google Play services and OAuth Identity Tools
Tim Bray, a Developer Advocate at Google, begins:
Google Play services has started to roll out and should arrive on virtually all Android 2.2+ devices with the Google Play Store in the very near future. At that point, all those devices will have new tools for working with OAuth 2.0 tokens. This is an example of the kind of agility in rolling out new platform capabilities that Google Play services provides.
The Internet already has too many usernames and passwords, and they don’t scale. Furthermore, your Android device has a strong notion of who you are. In this situation, the industry consensus is that OAuth 2.0 is a good choice for the job, offering the promise of strong security minus passwords.
He goes on to cover dealing with Android’s AccountManager, the getToken() function, the AuthorizedActivity class, and registering your app. He provides sample code, which is from a sample library.