[Help] What can I do with the user token if my server is not hosted on GAE?


Vincent Tsao

Aug 18, 2010, 3:12:09 AM
to androi...@googlegroups.com
 
I found this snippet in Chrometophone-android DeviceRegistrar.java:

        // Register device with server
        DefaultHttpClient client = new DefaultHttpClient();
        String continueURL = BASE_URL;

        URI uri = new URI(AUTH_URL + "?continue=" +
                URLEncoder.encode(continueURL, "UTF-8") +
                "&auth=" + authToken);
        HttpGet method = new HttpGet(uri);
        // No redirect following - continue is not used
        final HttpParams params = new BasicHttpParams();
        HttpClientParams.setRedirecting(params, false);
        method.setParams(params);

        HttpResponse res = client.execute(method);
        Header[] headers = res.getHeaders("Set-Cookie");
        if (res.getStatusLine().getStatusCode() != 302 ||
                headers.length == 0) {
            return res;
        }
        String ascidCookie = null;
        for (Header header: headers) {
            if (header.getValue().indexOf("ACSID=") >=0) {
                // let's parse it
                String value = header.getValue();
                String[] pairs = value.split(";");
                ascidCookie = pairs[0];
            }
        }

The snippet shows that before the Android app sends the Registration ID to the 3rd party server, we need to fetch the current account cookie from the Google Account server. Here is what I figure:
  1. Get the current account TOKEN (AuthSub token) from AccountManager
  2. Start a request to the server, which is hosted on GAE, with this kind of URL: https://yourapp.appspot.com/_ah/login?continue=http://localhost/&auth=TOKEN
  3. Fetch the cookie from the server, and use that authentication cookie in all subsequent requests
Here is my problem: my server will not be hosted on GAE, so I need to implement all the account auth stuff myself. The Android app also needs to send a request to get the account cookie from my server, but how should I know whether this request is valid and not a fake request? What can I do with the email and token? Can I use this token to get the related account email?

Tomas Malmsten

Sep 8, 2010, 3:27:53 AM
to android-c2dm
Hello Vincent,

This is a late reply and perhaps no longer needed.

I wrote the application server using Python and am so far hosting it
on my local machine. The Client Login token is fetched in a factory
class. The code is below:

import urllib
import urllib2


class ClientLoginTokenFactory():
    _token = None

    def __init__(self):
        self.url = 'https://www.google.com/accounts/ClientLogin'
        self.account_type = 'HOSTED_OR_GOOGLE'
        self.email = 'gmail.register...@gmail.com'
        self.password = 'passwordForAboveAccount'
        self.source = 'SOME_SOURCE_STRING'
        self.service = 'ac2dm'

    def get_token(self):
        # Fetch the token once and cache it on the instance
        if self._token is None:
            values = {'accountType': self.account_type,
                      'Email': self.email,
                      'Passwd': self.password,
                      'source': self.source,
                      'service': self.service}
            data = urllib.urlencode(values)
            request = urllib2.Request(self.url, data)
            response = urllib2.urlopen(request)
            responseAsString = response.read()
            responseAsList = responseAsString.split('\n')
            # Third line is Auth=<token>; split on the first '=' only,
            # because the token value itself may contain '='
            self._token = responseAsList[2].split('=', 1)[1]
        return self._token

The get_token method will return the token you need to insert into the
request sent to the C2DM service hosted by Google. What is required is
that your server has internet access.

Hope this helps

Regards
Tomas Malmsten
http://www.tomasmalmsten.com/

Vincent Tsao

Oct 10, 2010, 10:58:06 PM
to androi...@googlegroups.com
Hi Tomas, thanks for your reply

Yes, my problem has been solved already.

My server is powered by ROR, and I built my user system myself, so the user's email is necessary. However, a bad guy can fake a sign-up request using an email which may not belong to him. Fortunately, I can use the token to check if the email is valid via the GData API.

Costin Manolache

Oct 11, 2010, 12:29:58 AM
to androi...@googlegroups.com
I should note that it's recommended to use ClientLogin outside of the hosted app, so the 
server only has access to the token. The token can only be used for sending messages.

Also in the response you should check the headers for an updated token.

Costin
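
An added example (Python 3, not code from any poster in this thread) of the token handling discussed above: it selects the `Auth` value from a ClientLogin response body by name instead of by line position, and adopts a replacement token from the `Update-Client-Auth` response header that C2DM used for this. The function and class names and all sample values are assumptions constructed for illustration.

```python
# Added example: names and sample data are constructed, not real tokens.

class ClientLoginError(Exception):
    """Raised when the body carries Error=... or has no Auth= line."""


def parse_client_login(body):
    """Parse the key=value lines of a ClientLogin response body into a dict."""
    fields = {}
    for line in body.splitlines():
        key, sep, value = line.partition('=')  # split on the first '=' only
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def extract_auth_token(body):
    """Return the Auth token, selected by name rather than by line index."""
    fields = parse_client_login(body)
    if 'Error' in fields:
        raise ClientLoginError(fields['Error'])
    if not fields.get('Auth'):
        raise ClientLoginError('response has no Auth field')
    return fields['Auth']


class TokenStore:
    """Holds the current token and rotates it when a response supplies a new one."""

    def __init__(self, token):
        self.token = token

    def update_from_headers(self, headers):
        """Adopt the token from an Update-Client-Auth header; True if rotated."""
        for name, value in headers.items():
            if name.lower() == 'update-client-auth' and value.strip():
                self.token = value.strip()
                return True
        return False


# Constructed sample response bodies
SAMPLE_OK = "SID=constructed-sid\nLSID=constructed-lsid\nAuth=constructed-token==\n"
SAMPLE_REORDERED = "Auth=constructed-token==\nSID=constructed-sid\n"
SAMPLE_ERROR = "Error=BadAuthentication\n"

if __name__ == '__main__':
    store = TokenStore(extract_auth_token(SAMPLE_OK))
    rotated = store.update_from_headers({'Update-Client-Auth': 'constructed-new'})
    print('token rotated:', rotated)  # avoid printing the token itself
```

Keeping only the token on the server, as recommended above, means the account password never has to be stored next to the sending code.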

Shivam saxena

Jun 16, 2012, 1:34:29 AM
to androi...@googlegroups.com


Sir,
   Can we use other email IDs like a...@yahoo.com, a...@rediffmail.com? Also, how can I send a message to multiple Android devices? Right now, I am sending a push notification to the same device, but how can I send notifications to different devices?
Please tell me.
Thank you in advance.