android application authentication ID

Question

I am trying to follow instructions here:

Verifying Back-End Calls from Android Apps

I'm expanding on the question I asked here:

identifying which android app is making contact with my appengine app

all was going well in my test environment. I had a debug.keystore that my app was using in eclipse, and I even received tokens from my calls to GoogleAuthUtil.getToken(). Then I copied my code to the actual project that it will be used in. I got the keystore (I had saved it from previous publishing on google play) and used it to create a new client ID on the Google APIs Console.

Then I use eclipse to export my project, but after using the right keystore and the associated ID, I am not getting tokens.

Meanwhile I've been trying different things. I had an ID that I made for my app engine app. I used that in the android app and I was given a token. I don't know weather or not that particular token would be cleared when I checked it on my app engine site (I suspect not) but I got a token from it.

I'm kinda assuming that the ID that I'm supposed to use with my android call to GoogleAuthUtil.getToken() is supposed to be from the 'Client ID for installed applications' section (of the Google API page). Is this not so? Only there can you set the application type to 'Android' and the package name to match your application... right?

Answer 1

I assume you're specifying a client_id using the format:

audience:server:client_id:$client_id

This client_id, as the format above tries to hint, is for your home server, in this case the AppEngine app's client_id (a web application client_id). It should verify nicely in AppEngine if you configure your AppEngine app properly.

Again, your Android app asks for a token and names your AppEngine App. You don't need to name your Android app's client_id in the request because the Android platform can recognize your app based on the package name and certificate hash you computed using the keystore tool.