X-BeenThere: fougrapi@googlegroups.com
Received: by 10.87.42.37 with SMTP id u37ls843490fgj.1.p; Mon, 01 Mar 2010
10:09:58 -0800 (PST)
Received: by 10.86.22.36 with SMTP id 36mr174402fgv.25.1267466998180;
Mon, 01 Mar 2010 10:09:58 -0800 (PST)
Received: by 10.86.22.36 with SMTP id 36mr174401fgv.25.1267466998107;
Mon, 01 Mar 2010 10:09:58 -0800 (PST)
Return-Path: <mariano.k...@gmail.com>
Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.154])
by gmr-mx.google.com with ESMTP id 18si451394fxm.9.2010.03.01.10.09.57;
Mon, 01 Mar 2010 10:09:57 -0800 (PST)
Received-SPF: pass (google.com: domain of mariano.k...@gmail.com designates 72.14.220.154 as permitted sender) client-ip=72.14.220.154;
Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of mariano.k...@gmail.com designates 72.14.220.154 as permitted sender) smtp.mail=mariano.k...@gmail.com; dkim=pass (test mode) header...@gmail.com
Received: by fg-out-1718.google.com with SMTP id e21so187135fga.13
for <fougrapi@googlegroups.com>; Mon, 01 Mar 2010 10:09:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=gamma;
h=domainkey-signature:mime-version:received:in-reply-to:references
:date:message-id:subject:from:to:content-type;
bh=gF7Qh+0azsOYZ7ZeEVV571rlPURjPoXhlkPqMgMkz4c=;
b=jbMZelHCdl84pgMkdyB1JpnIkZ3idqR8nelxCa1SIQhPPNfCh+Md+a0doO7WNEUnVz
TxPq1d1xQzVd57iPbGN8vT1GdGjiXMrqK5A9hguLu7ViSDlk846n418KaEXcoJ2N48xa
ye+MO/jzw1FDuwghanqOJIVMI7HQL8LnGzpuQ=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:content-type;
b=pj2dEUq+dIkK7CuWnvxaQbqTQon7zTKHYbTPg+ZWVgUukLQ1RXRO/Xny0RC0hOrOZI
XvFFY3LxXT3LeTu7Kd96eCHkyhFT6P38/Q+TNtnBfJxdkdthpICCsTnF4uxfs2au4bRj
PU0bOYxxBDhnctb+DEGVYGgYwdzsV9j3oQ+6U=
MIME-Version: 1.0
Received: by 10.87.16.39 with SMTP id t39mr7932662fgi.46.1267466994718; Mon,
01 Mar 2010 10:09:54 -0800 (PST)
In-Reply-To: <37a2a11f-822b-40be-b7a8-1b5869749...@y17g2000yqd.googlegroups.com>
References: <995a6740-770f-4c17-8a06-3cd25a099...@b36g2000pri.googlegroups.com>
<c8c2cbfa-f539-4f13-b807-85a42ce77...@m16g2000yqc.googlegroups.com>
<b3bff971-ad92-44d7-8e4a-5ca886bad...@k19g2000yqc.googlegroups.com>
<264cf901002110801t2f94c1fet17ffc6fad7ac0...@mail.gmail.com>
<5575e52a-55d8-45f4-b1fc-6dffdcebe...@a5g2000yqi.googlegroups.com>
<910a6fc11002271038u54f7381uf0bee3e426369...@mail.gmail.com>
<37a2a11f-822b-40be-b7a8-1b5869749...@y17g2000yqd.googlegroups.com>
Date: Mon, 1 Mar 2010 19:09:54 +0100
Message-ID: <910a6fc11003011009m12da3de4kc937408b4a1fc...@mail.gmail.com>
Subject: Re: Changes to sending authenticated requests to Google Reader
From: Mariano Kamp <mariano.k...@gmail.com>
To: fougrapi@googlegroups.com
Content-Type: multipart/alternative; boundary=001485f796e4fc19f10480c12709
--001485f796e4fc19f10480c12709
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Hey Stefan,
thanks for sharing your insights.
I also use ClientLogin with GOOGLE for the old OS versions too.
Regarding the feature/google-approach, that sounds good. I also found out
that the GR responses are empty for hosted accounts when using
HOSTED_OR_GOOGLE with ClientLogin.
I will try out the feature/google-approach with the same and different pw
this week and feed back.
Besides this being support intensive I don't see a major downside with usin=
g
the same password on both.
Btw. At what source did you poke? I wasn't aware that Google's
implementation was open sourced?
Does it work on Android 2.0/2.01 for you? I ran into an
exception<http://groups.google.com/group/android-developers/browse_thread/t=
hread/d8b444e099837e42>.
The same code works fine on 2.1/Nexus though. It would be great to look at
their code here too.
Any thoughts on how to handle auto re-logins? It seems to be a real hot
button for many users to re-login every two weeks. I can understand that to
a degree. When this happens at night you might find out on the train that
there are no news/podcasts this morning ;-(
I think I will memorize the date/time when I asked for a token. When the
user launches the app during the last two days before the token expires I
will ask him to do the re-login right away interactively. I hope that
solution is less annoying.
Cheers,
Mariano
On Sun, Feb 28, 2010 at 10:59 PM, Stefan Kyntchev <skyntc...@gmail.com>wrot=
e:
> Mariano,
>
> The change that I made and worked was in the POST request to
> https://www.google.com/accounts/ClientLogin -one of the input
> parameters is "accountType" which I used to call with
> "HOSTED_OR_GOOGLE" and that caused the authentication to occur against
> the hosting account. Changing it to "GOOGLE" solved that issue. As you
> can tell this was part of the manual authentication (where I cache the
> "GoogleLogin auth=3DXXXX" token.)
>
> As far as 2.0 accounts, in order to support both pre 2.0 and 2.0
> devices, I decided to offer both options (you pick to enter user/name
> password or you pick an account to use. If you have 2.0 device you
> have both options, in 1.6 you have only the UN/PW option.
>
> In my tests I found that 2.0 authentication works for the most part
> but hosted accounts are still an issue. Here are some observations:
>
> 1. If you manually add a Google account (using Settings > Accounts and
> sync) - everything works as expected.
> 2. If you manually add a hosted account (again using Settings >
> Accounts and sync), it will authenticate against the hosted account so
> the authentication token by default will be for the hosted account. If
> you try to retrieve the Reader subscription list with that token, the
> request does not fail but you get an empty list (looks like it is a
> brand new account with no subscriptions).
> 3. Poking in the source, I found that if you use
> AccountManager.getAuthTokenByFeatures(), you can, in the "Feature"
> array, supply "GOOGLE" as a feature, and that probably will get you
> the Google token (instead of the hosted). That may work if you have
> the same password for both Google and Hosted account, but I don't
> think it will work if you have different passwords. This same call
> will also provide an option to add (register) a new account (by
> prompting for UN/PW) which is probably the only way to get any hosted
> account to work.
>
> I am still trying to find a way to get the hosted accounts working.
>
> Stefan
>
>
> On Feb 27, 1:38 pm, Mariano Kamp <mariano.k...@gmail.com> wrote:
> > Hey Stefan,
> >
> > did you also get this to work with the Android 2.0 authentication?
> > Where do you specify "GOOGLE" there=DF
> >
> > Cheers,
> > Mariano
> >
> > On Thu, Feb 11, 2010 at 9:15 PM, Stefan Kyntchev <skyntc...@gmail.com>
> wrote:
> > > Thanks Mihai,
> >
> > > Switching to "GOOGLE" did the trick. I was using "HOSTED_OR_GOOGLE"
> > > which was "preferring" the hosted account.
> > > Thank you very much for the help.
> >
> > > Stefan
> >
> > > On Feb 11, 11:01 am, Mihai Parparita <mih...@google.com> wrote:
> > >> On Thu, Feb 11, 2010 at 6:42 AM, StefanK <skyntc...@gmail.com> wrote=
:
> > >> > Thanks for heads up Brad. I am the author of BeyondPod, a podcatch=
er
> > >> > for Android and Windows Mobile. Google Reader integration is widel=
y
> > >> > used feature in both apps and when anything goes wrong there I get
> > >> > tons of support emails. I am really happy that for the first time =
I
> > >> > can be proactive about it.
> >
> > >> > For some reason, currently, if users use an e-mail that is hosted =
by
> > >> > Google Apps, they can't login in Reader using the
> > >> >https://www.google.com/accounts/ClientLogin. From my tests, it
> appears
> > >> > that when registering for a Reader account with Google Apps e-mail=
,
> a
> > >> > different account is created (they may or may not have the same
> > >> > password) and when using ClientLogin, it logs in to the Google App
> > >> > account and the SID token is invalid for Reader.
> >
> > >> > Will this change with the new Authentication changes, or is there
> > >> > another way to handle Google Apps logins?
> >
> > >> Have you tried setting accountType to GOOGLE (as described athttp://
> code.google.com/apis/accounts/docs/AuthForInstalledApps.html#R...
> > >> Reader does not support hosted (Google Apps) accounts.
> >
> > >> Mihai
> >
> >
>
--001485f796e4fc19f10480c12709
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Hey Stefan,<div><br></div><div>thanks for sharing your insights.<br><div><b=
r></div><div>I also use ClientLogin with GOOGLE for the old OS versions too=
.=A0</div><div><br></div><div>Regarding the feature/google-approach, that s=
ounds good. I also found out that the GR responses are empty for hosted acc=
ounts when using HOSTED_OR_GOOGLE with=A0ClientLogin.=A0</div>
<div>I will try out the feature/google-approach with the same and different=
pw this week and feed back.=A0</div><div>Besides this being support intens=
ive I don't see a major downside with using the same password on both.<=
/div>
<div><br></div><div>Btw. At what source did you poke? I wasn't aware th=
at Google's implementation was open sourced?<br></div><div><br></div><d=
iv>Does it work on Android 2.0/2.01 for you? I ran into an <a href=3D"http:=
//groups.google.com/group/android-developers/browse_thread/thread/d8b444e09=
9837e42" target=3D"_blank">exception</a>. The same code works fine on 2.1/N=
exus though. It would be great to look at their code here too.</div>
<div><br></div><div>Any thoughts on how to handle auto re-logins? It seems =
to be a real hot button for many users to re-login every two weeks. I can u=
nderstand that to a degree. When this happens at night you might find out o=
n the train that there are no news/podcasts this morning ;-(</div>
<div>I think I will memorize the date/time when I asked for a token. When t=
he user launches the app during the last two days before the token expires =
I will ask him to do the re-login right away interactively. I hope that sol=
ution is less annoying.</div>
<div><br></div><div>Cheers,</div><div>Mariano</div><div><br></div><div><div=
class=3D"gmail_quote">On Sun, Feb 28, 2010 at 10:59 PM, Stefan Kyntchev <s=
pan dir=3D"ltr"><<a href=3D"mailto:skyntc...@gmail.com" target=3D"_blank=
">skyntc...@gmail.com</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Mariano,<br>
<br>
The change that I made and worked was in the POST request to<br>
<a href=3D"https://www.google.com/accounts/ClientLogin" target=3D"_blank">h=
ttps://www.google.com/accounts/ClientLogin</a> -one of the input<br>
parameters is "accountType" which I used to call with<br>
"HOSTED_OR_GOOGLE" and that caused the authentication to occur ag=
ainst<br>
the hosting account. Changing it to "GOOGLE" solved that issue. A=
s you<br>
can tell this was part of the manual authentication (where I cache the<br>
"GoogleLogin auth=3DXXXX" token.)<br>
<br>
As far as 2.0 accounts, in order to support both pre 2.0 and 2.0<br>
devices, I decided to offer both options (you pick to enter user/name<br>
password or you pick an account to use. If you have 2.0 device you<br>
have both options, in 1.6 you have only the UN/PW option.<br>
<br>
In my tests I found that 2.0 authentication works for the most part<br>
but hosted accounts are still an issue. Here are some observations:<br>
<br>
1. If you manually add a Google account (using Settings > Accounts and<b=
r>
sync) - everything works as expected.<br>
2. If you manually add a hosted account (again using Settings ><br>
Accounts and sync), it will authenticate against the hosted account so<br>
the authentication token by default will be for the hosted account. If<br>
you try to retrieve the Reader subscription list with that token, the<br>
request does not fail but you get an empty list (looks like it is a<br>
brand new account with no subscriptions).<br>
3. Poking in the source, I found that if you use<br>
AccountManager.getAuthTokenByFeatures(), you can, in the "Feature"=
;<br>
array, supply "GOOGLE" as a feature, and that probably will get y=
ou<br>
the Google token (instead of the hosted). That may work if you have<br>
the same password for both Google and Hosted account, but I don't<br>
think it will work if you have different passwords. This same call<br>
will also provide an option to add (register) a new account (by<br>
prompting for UN/PW) which is probably the only way to get any hosted<br>
account to work.<br>
<br>
I am still trying to find a way to get the hosted accounts working.<br>
<br>
Stefan<br>
<div><br>
<br>
On Feb 27, 1:38=A0pm, Mariano Kamp <<a href=3D"mailto:mariano.k...@gmail=
.com" target=3D"_blank">mariano.k...@gmail.com</a>> wrote:<br>
> Hey Stefan,<br>
><br>
> did you also get this to work with the Android 2.0 authentication?<br>
> Where do you specify "GOOGLE" there=DF<br>
><br>
> Cheers,<br>
> Mariano<br>
><br>
</div><div><div></div><div>> On Thu, Feb 11, 2010 at 9:15 PM, Stefan Kyn=
tchev <<a href=3D"mailto:skyntc...@gmail.com" target=3D"_blank">skyntc..=
....@gmail.com</a>> wrote:<br>
> > Thanks Mihai,<br>
><br>
> > Switching to "GOOGLE" did the trick. I was using "=
HOSTED_OR_GOOGLE"<br>
> > which was "preferring" the hosted account.<br>
> > Thank you very much for the help.<br>
><br>
> > Stefan<br>
><br>
> > On Feb 11, 11:01=A0am, Mihai Parparita <<a href=3D"mailto:mih.=
....@google.com" target=3D"_blank">mih...@google.com</a>> wrote:<br>
> >> On Thu, Feb 11, 2010 at 6:42 AM, StefanK <<a href=3D"mailt=
o:skyntc...@gmail.com" target=3D"_blank">skyntc...@gmail.com</a>> wrote:=
<br>
> >> > Thanks for heads up Brad. I am the author of BeyondPod, =
a podcatcher<br>
> >> > for Android and Windows Mobile. Google Reader integratio=
n is widely<br>
> >> > used feature in both apps and when anything goes wrong t=
here I get<br>
> >> > tons of support emails. I am really happy that for the f=
irst time I<br>
> >> > can be proactive about it.<br>
><br>
> >> > For some reason, currently, if users use an e-mail that =
is hosted by<br>
> >> > Google Apps, they can't login in Reader using the<br=
>
> >> ><a href=3D"https://www.google.com/accounts/ClientLogin" t=
arget=3D"_blank">https://www.google.com/accounts/ClientLogin</a>. From my t=
ests, it appears<br>
> >> > that when registering for a Reader account with Google A=
pps e-mail, a<br>
> >> > different account is created (they may or may not have t=
he same<br>
> >> > password) and when using ClientLogin, it logs in to the =
Google App<br>
> >> > account and the SID token is invalid for Reader.<br>
><br>
> >> > Will this change with the new Authentication changes, or=
is there<br>
> >> > another way to handle Google Apps logins?<br>
><br>
> >> Have you tried setting accountType to GOOGLE (as described at=
http://<a href=3D"http://code.google.com/apis/accounts/docs/AuthForInstalle=
dApps.html#R." target=3D"_blank">code.google.com/apis/accounts/docs/AuthFor=
InstalledApps.html#R.</a>..<br>
> >> Reader does not support hosted (Google Apps) accounts.<br>
><br>
> >> Mihai<br>
><br>
><br>
</div></div></blockquote></div><br></div></div>
--001485f796e4fc19f10480c12709--
Message from discussion Changes to sending authenticated requests to Google Reader
| Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy |
| ©2013 Google |