Tutorial: OAuth2

Android OAuth2

Before using OAuth2 authentication within your Android application, you have to enable and configure the OAuth2 providers you need in your application. In particular, don't forgot to register your Android application id within the authorized domains cartridge.

To do so, please refer to the OAuth2 documentation.

A few words about our OAuth2 solution

Easy to use API

The SDK provides an easy to use solution for delegating authentication of users to external OAuth2 providers. The current implementation supports Facebook, Google, GitHub, GitLab and Orange France providers, as well as Mobile Connect for some Orange countries. As an Android developer, you do not have to deal with OAuth2 mechanisms.

Secure implementation

One part of the OAuth2 protocol is implemented on backend servers. No credential nor client secret are stored on the Android terminal.

Call & Get

To authenticate the user using OAuth2, there is a dedicated method at API level. OAuth2 access token and more are provided with the authentication result.

Configure your Android project

Please refer to the Quick Start section for configuring your Android project.

Start implementing OAuth2

  1. Create a reference on your Webcom application.
    This is achieved by instantiating a new Webcom object.

  2. Define a listener object in charge of handling the outcome of the authentication process (successful result or failure). This listener must implement the OnAuthWithOAuth interface.

  3. Call the authWithOAuth() method on the Webcom reference.
    This method takes three input parameters:

  • a context : the parent activity context.
  • a provider name : the OAuth provider to authenticate with, given as a string. Possible values are: "google", "facebook", "github", "gitlab", "orange" or "mobileconnectOXX" (with XX replaced by the targeted Orange country: FR, ES, MA, JO or MG).
  • a listener : the listener object that handles the outcome of the authentication.

Tips

The authWithOAuth() method executes the OAuth workflow in a dedicated java thread. To update the UI from the callback methods of your listener object, you have to execute the code from the runOnUiThread method of your activity.

If you need to run the OAuth workflow with provider-specific parameters, you can specify them with the 4th parameter of the authWithOAuth() method. An AuthOptions instance is created using Create() and WithCustomParameter() methods.

If you need general listeners to be executed on each authentication operation whatever its method (OAuth, email/password, anonymous, implicit...), you can define or undefine them using the registerAuthCallback() and unregisterAuthCallback() methods on your Webcom reference.

Example

(replace “<your-app>” with your actual application identifier)

	// Init Webcom reference
	Webcom webcom = new Webcom("<your-app>");

    // OnAuthWithOAuth listener definition
    final OnAuthWithOAuth listener = new OnAuthWithOAuth() {
        @Override
        public void onCancel(WebcomError error) {
            Log.d(TAG, "User has cancelled authentication");
        }
        @Override
        public void onComplete(@Nullable AuthResponse response) {
            Log.d(TAG, "User successfully authenticated: " + response.getIdentity().getDisplayName());
        }
        @Override
        public void onError(WebcomError error) {
            Log.e(TAG, "Authentication failed: " + error.getMessage());
        }
    };

    // Authenticate with OAuth
    webcom.authWithOAuth(MyActivity.this, "google", listener);
    //webcom.authWithOAuth(MyActivity.this, "facebook", listener);
    //webcom.authWithOAuth(MyActivity.this, "github", listener);
    //webcom.authWithOAuth(MyActivity.this, "gitlab", listener);
    //webcom.authWithOAuth(MyActivity.this, "orange", listener);
    
    ...

For more details, you can see the API reference.