I'm building an Android application, and would like users to log in with
their Google Apps account. However, I'm not using, nor am I interested in
using any of Google's services in the backend. Is this possible?
I'm picturing this approach:
1. Use AccountManager in the application to ask for the authtoken of a
com.google account
2. Send that authtoken to the server with requests
3. On the server, validate that authtoken with Google's servers
4. Supply information to the user from my server, based on the validity
of the token
There is so much documentation about accessing a Google service (drive,
maps, tasks) at step 3, but no information about simply validating a token.
Is there a service to do this?
This document seems to suggest it is possible:
https://developers.google.com/accounts/docs/OAuth2Login
Meanwhile the authentication and authorization home page suggests that
OpenID should be used for authentication:
https://developers.google.com/accounts/
The page about authenticating mobile apps describes using embedded
WebViews, which I had hoped to avoid by using the AccountManager:
https://developers.google.com/accounts/docs/MobileApps
Although someone has written a library to do the embedded WebView approach:
http://stackoverflow.com/questions/3352592/webservice-credentials-ope...
Are there other possible approaches?
My priorities are:
- not to handle passwords
- be able to validate that a web request comes from a claimed user
(according to Google)
- tie that user to a user in my system (probably via the "name" of the
account in AccountManager, which is the email address)
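
A sketch of the server-side check in step 3, added here as an example and not part of the original post. It assumes the server asks Google's OAuth2 tokeninfo endpoint about the token and that the response carries the `aud`, `exp`, `email` and `email_verified` fields; `expected_client_id` stands for the OAuth client ID registered for the app, and the sample response is constructed.

```python
import json
import time
import urllib.parse
import urllib.request

# Assumption: Google's OAuth2 tokeninfo endpoint and its JSON field names.
TOKENINFO_URL = "https://www.googleapis.com/oauth2/v3/tokeninfo"


class TokenRejected(Exception):
    """The token must not be trusted as proof of the claimed user."""


def fetch_tokeninfo(access_token):
    """Step 3: ask Google what this token is (network call; not run here)."""
    url = TOKENINFO_URL + "?" + urllib.parse.urlencode({"access_token": access_token})
    try:
        with urllib.request.urlopen(url, timeout=5) as resp:
            return json.load(resp)
    except OSError as exc:  # HTTP 4xx for bad tokens, or network failure
        raise TokenRejected("tokeninfo lookup failed") from exc


def verified_email(info, expected_client_id, now=None):
    """Return the e-mail the token proves, or raise TokenRejected."""
    now = time.time() if now is None else now
    if "error" in info or "error_description" in info:
        raise TokenRejected("Google reports the token as invalid")
    # A token Google issued to some *other* app is still "valid"; accepting it
    # would let that app's operator impersonate its users on this server.
    if info.get("aud") != expected_client_id:
        raise TokenRejected("token was not issued to this application")
    try:
        expires = int(info["exp"])
    except (KeyError, TypeError, ValueError):
        raise TokenRejected("missing or malformed expiry")
    if expires <= now:
        raise TokenRejected("token expired")
    if str(info.get("email_verified", "")).lower() != "true":
        raise TokenRejected("e-mail not verified by Google")
    email = info.get("email")
    if not isinstance(email, str) or "@" not in email:
        raise TokenRejected("no e-mail in token (email scope not granted?)")
    return email.strip().lower()


# Constructed sample response, not real data.
SAMPLE = {"aud": "my-server-client-id.example", "exp": "2000000000",
          "email": "Alice@Example.com", "email_verified": "true"}
```

The e-mail address the client sends alongside the token is never consulted; the local user is looked up only from what `verified_email` returns.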