Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
456 views
in Technique[技术] by (71.8m points)

android - Should I use GoogleAuthUtil.getToken(...) or not?

Background:

I need to authenticate on my server back-end so I know the client is genuine. In my Android game I connect to Games.API via GoogleApiClient.

I only want to have to sign in once, which I want to do via Games.API, as this gives me many advantages (Google Play Games leaderboards, achievements, etc.)

I have been able to get an authorisation token using GoogleAuthUtil.getToken(...) which I can do after I sign into Games.API, which seems to give me a token. Good so far.

But Google says this is not safe and says I should migrate to ID token flow instead. But, as I understand it this approach would require me to use

Intent signInIntent = Auth.GoogleSignInApi.getSignInIntent(mGoogleApiClient);
startActivityForResult(signInIntent, RC_SIGN_IN);

which means instigating an additional sign in to that for Games.API. Furthermore, it is not possible to addApi both Games.API and Auth.GOOGLE_SIGN_IN_API to the same GoogleApiClient !

Ok, so upgrade to the latest google-play-services (at least r29), using which I can use Games.API with Games.getGamesServerAuthCode(...) to obtain an auth token for my server. But this has two problems: (1) it requires Android 6.0 or above which blocks out 80% of the market, and (2) it's deprecated !


Question:

Should I use GoogleAuthUtil.getToken(...) or not, and if not what are my options given that I only want to sign in using Games.API ?

By sign in I mean present the user with log in visuals. I don't mind signing into something else so long as the user does not have to interact with the sign in...


Note:

I originally asked this question when I first started out. The current question hopefully clarifies the situation.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Firstly, I should not use GoogleAuthUtil.getToken(...). It's deprecated; end of.

To achieve what I want I found the following works perfectly... whether it's the best way I have no idea.

First, sign in using Auth.GOOGLE_SIGN_IN:

GoogleSignInOptions gso = new GoogleSignInOptions.Builder(
                                          GoogleSignInOptions.DEFAULT_SIGN_IN)
    .requestEmail()
    .requestIdToken("YOUR-SERVER-CLIENT-ID")
    .build();

mGoogleApiClientForSignIn = new GoogleApiClient.Builder(mActivity, this, this)
    .addApi(Auth.GOOGLE_SIGN_IN_API, gso)
    .build();

mGoogleApiClientForSignIn.connect();

On success this will eventually call onConnected(...) from where you can negotiate a second sign in to Games.API. This has to be performed separately on a new GoogleApiClient because you can't mix Games.API and Auth.GOOGLE_SIGN_IN:

mGoogleApiClientForGames = new GoogleApiClient.Builder(mActivity, this, this)
    .addApi(Games.API).addScope(Games.SCOPE_GAMES)
    .addApi(Drive.API).addScope(Drive.SCOPE_APPFOLDER)
    .build();

mGoogleApiClientForGames.connect();

As per the new Play Games Permissions update for 2016, the GoogleSignIn only appears once per game (even between devices !), after which the user is not presented with any visual log in screens for GoogleSignIn. The only visual login will be the Saved Games snapshot selection screen.

This works with Android 2.3 (use google-play-services r28) and without deprecation warnings. Huzzah !


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...