I am developing an application using Supabase, Flutter and Google OAuth and I would like to know if it is possible to have a single clientId and clientSecret for each device type (ios, android and web) so that I don't have to implement a different authentication workflow for each device.
I have tried looking around the Google Console and see if it is possible to create a single authentication API for multiple devices. I also tried searching online.
There are sevral types of Oauth2 clients.
installed app client (for applications run on the machine)
web app clients (for applications run on web servers)
Android app clients (for applications run on android devices)
IOS app clients (for applications run on Iosdevices)
The authorization method for these three types is different, the code used to authorize them is also different. They can not be mixed.
Android app requires SHA-1 certificate fingerprint
Ios app requires App Store ID
web app requires a redirect uri
So the answer is no you can not create one type of credential to work with Android, Ios and web, you need three different credential types.
a bit of sdk magic
If a user authorizes your web app, they may not need to authorize your android and Ios apps as long as the credentials are all part of the same project on Google developer console.
Last I checked this is not true the other way around, if a user authorizes android or ios first and then tries web they will need to authorize again.
My guess is this is something baked into the android and ios sdk on googles side that is not part of the respective client libraries for web. Either that or its something in the authorization code grant that isn't in the mobile code grant type for Oauth2 I have never bothered to dig to far into it.
Related
I wasn't having such a problem when using the old Firebase authentication methods. After accepting Identity Platform, my gmail and phone auth systems are not working in "android release" mode of my app (downloaded play store app). I'm currently search of the reason for this. I also put the sha keys to Firebase from Google Console App Signing and i also debugging authentication code base with test phone numbers and test gmails. There is no problem in code base or sha keys(my opinion). Now I am verifying oauth in Google Cloud Console. When this verification is verified, will my gmail and phone auths in android release mode be opened? And how long does this verification process take? Ios gmail and phone auth methods work well in the apple store or emulator. Also when i look at Google Cloud Console there are some errors on Identity Toolkit Api and Token Service Api.[enter image description here](https://i.stack.imgur.com/BeF3a.png)
I think the cause of the problem is identity platform integration and this validation for oauth. For what other reason do you think the firebase authentication systems (gmail and phone) works on iOS but not on Android?
I have created an app using IOT boilerplate in IBM Bluemix and added a devices as described in http://www.ibm.com/developerworks/cloud/library/cl-mqtt-bluemix-iot-node-red-app/.
I have following queries
Is there a way I can retrieve devices information (Authentication Token, Organization ID) from my Android app. As at present, after creating the devices I need to fill this information manually in my Android app which may not be feasible in real life scenario.
Is there a way I can create this device on IBM Bluemix from Android App.
Regards,
Sengar
You can register a new device via the HTTP API. With this your android app can register it's self and will be given the required tokens to log into the service.
I'm designing an iPhone/android app which needs user to login using his/her facebook account.
The app uses GAE (Google App Engine) as the background server, so the problem now is that I don't know how GAE, iPhone and Facebook authentication works.
My guess is user login FB from iPhone and will get an access_token, and then the iphone app sends the access_token to GAE so that GAE can recognize the user.
Is that correct? Or is there any tutorial about how to cooperate between these platforms?
Thanks!
Take a look at the LeanEngine open source project. It was designed to do exactly what you are trying to do - login from a mobile device to GAE with Facebook or OpenID account (and sync data between the client and GAE).
It consists of a preprogrammed GAE application and libraries for Android and iOS and if you are satisfied with the built-in functionality you really do not need to do any modifications to the server part. You can just use it as it is.
I have used Facebook API to make posts to my wall on Facebook with my Android app. To do this I made an app on the Facebook developer site. I used the key hash from the Android application and the APP_ID from the facebook app to cross match them.
Now I want to connect my Android app to a facebook app which already is connected to an Iphone application. This app has my key hash added, and I tried using its APP_ID instead of my own but it doesn't work.
I am thinking it might be because I'm not using the application secret in my Android app, but it is used in the Iphone app. If this could be the problem, where do I add this application secret? Xcode has such an easy system for adding parameters like this one, but I don't know what the equivalent in Android is.
Thanks!
Per the Facebook Android SDK instructions "make sure that your application has been signed with the same key you registered with Facebook" it sounds like you have a key mismatch issue; the instructions on their site should help find some common problems. Also update your local code to use the latest SDK as Facebook is notorious for breaking older implementations.
The current Facebook iOS SDK only uses the application ID and Android is no different.
I want to develop native mobile application in which user will send invitation to his friend to install another companion native application via a link to the application. But in order for this to work I need to pass a custom token or parameters in the link so that when the companion application is installed by the user's friend, this token is parsed by the companion application to display personalized message ( much like query string parameters are passed in the URL for normal web applications). Is this possible for iPhone and Android native applications?
It is not possible on stock iPhone/iOS devices. App installation on iOS devices can only be done through the App Store app or iTunes, which do not accept any additional parameters other than the app identifier in the URLs they handle.