Skip to content Skip to sidebar Skip to footer

Android: Balancing Market Presence, Api Function Availability, And Approach To Cleint/server Authentication

I want to use Google Play Services so that I can access Google Saved Games API which allows me to seamlessly obtain authorisation tokens using Games.getGamesServerAuthCode(...) for

Solution 1:

If you use Google Sign-In with an app or site that communicates with a backend server, you might need to identify the currently signed-in user on the server. To do so securely, after a user successfully signs in, send the user's ID token to your server using HTTPS. Then, on the server, verify the integrity of the ID token and retrieve the user's ID from the sub claim of the ID token. You can use user IDs transmitted in this way to safely identity the currently signed-in user on the backend.

Send the ID token to your server

After a user successfully signs in, get the user's ID token:

GoogleSignInResultresult= Auth.GoogleSignInApi.getSignInResultFromIntent(data);
if (result.isSuccess()) {
    GoogleSignInAccountacct= result.getSignInAccount();
    StringidToken= acct.getIdToken();
    mIdTokenTextView.setText("ID Token: " + idToken);
    // TODO(user): send token to server and validate server-side
} else {
    mIdTokenTextView.setText("ID Token: null");
}

Full code implementation is found in the Authenticate with a Backend Server guide.

Post a Comment for "Android: Balancing Market Presence, Api Function Availability, And Approach To Cleint/server Authentication"