CODEWITHSUNDEEP
androidapiauthenticationoauth
tnacho
tnacho

Reputation: 148

Requesting more than one oauth2 scope through AccountManager in Android

I'm in a situation where I need to request access tokens for two scopes (from my android application), https://www.googleapis.com/auth/userinfo.email and https://www.googleapis.com/auth/userinfo.userinfo

I would like to get both permissions on a single call to getAuthToken, but can't figure out the string to pass in the authTokenType parameter. I tried several reasonable combinations with no positive results :(

Has anyone solved this issue? Is it possible?

Upvotes: 2

Views: 4769

Answers (2)

Mendhak
Mendhak

Reputation: 8795

If you need multiple OAuth 2.0 scopes, use a space-separated list.

oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.userinfo

You asked for sample code, so have a look at the Google Docs Upload Sample application, and in this application have look at the authentication flow done in this sample Android screen (ignore that it's about Google Docs, it still authorizes first). You can get the whole application and run it in an emulator with Google APIs present or run it on your phone. The authorization workflow starts with the buttonAuthorize click, Authorize() and you are specifically interested in this method:

private void gotAccount(Account account)
{

    Bundle options = new Bundle();

    accountManager.getAuthToken(
            account,                     // Account retrieved using getAccountsByType()
            "oauth2:https://www.googleapis.com/auth/userinfo.email oauth2:https://www.googleapis.com/auth/userinfo.userinfo",            // Auth scope
            //"writely",            // Auth scope, doesn't work :(
            options,                        // Authenticator-specific options
            this,                           // Your activity
            new OnTokenAcquired(),          // Callback called when a token is successfully acquired
            null);    // Callback called if an error occurs
}

The user gets this access request screen:

enter image description here

Note that this is using the 'local' OAuth2 mechanism, not opening a web browser, but using the authentication provided when you first activated the Android phone.

Also note that the user sees the full URL of the scope instead of a friendly name, I haven't found a way around this and if you do find out it would be great if you could share the answer.

Upvotes: 6

toadzky
toadzky

Reputation: 3846

I was having the same issue. Shah is almost right, but his scope string is wrong. It should be

"oauth2:<scope_url> <scope_url>"

not

"oauth2:<scope_url> oauth2:<scope_url>"

Upvotes: 11

Related Questions