Showing posts with label AuthToken. Show all posts
Showing posts with label AuthToken. Show all posts

Wednesday, May 11, 2011

ClientLogin for Installed Applications for C2DM - Tutorial

Before you can write client applications that use the C2DM feature, you must have an HTTPS application server that meets the following criteria:Able to communicate with your client.
  • Able to fire off HTTP requests to the C2DM server.
  • Able to handle requests and queue data as needed. For example, it should be able to perform exponential back off.
  •  Able to store the ClientLogin Auth token and client registration IDs. The ClientLogin Auth token is included in the header of POST requests that send messages. For more discussion of this topic, see ClientLogin for Installed Applications. The server should store the token and have a policy to refresh it periodically.

The ClientLogin authorization process:
Authorization with ClientLogin involves a sequence of interactions between three entities: the installed application, Google services, and the user. This diagram illustrates the sequence:













  1. When the third-party application needs to access a user's Google service, it retrieves the user's login name and password.
  2. The third-party application then makes a ClientLogin call to Google's Authorization service.
  3. If the Google Authorization service decides additional vetting is necessary, it returns failure response with a CAPTCHA token and challenge, in the form of a URL for a CAPTCHA image. 
  4. If a CAPTCHA challenge is received, the third-party application displays the CAPTCHA image for the user and solicits an answer from the user. 
  5. If requested, the user submits an answer to the CAPTCHA challenge. 
  6. The third-party application makes a new ClientLogin call, this time including the CAPTCHA answer and token (received with the failure response). 
  7. On a successful login attempt (with or without CAPTCHA challenge), the Google Authorization service returns a token to the application. 
  8. The application contacts the Google service with a request for data access, referencing the token received from the Google Authorization service. 
  9. If the Google service recognizes the token, it supplies the requested data access.


How the Application Server Sends Messages

This section describes how the third-party application server sends messages to a 3rd party client application running on a mobile device.
Before the third-party application server can send a message to an application, it must have received a registration ID from it.
To send a message, the application server issues a POST request to https://android.apis.google.com/c2dm/send that includes the following:
FieldDescription
registration_idThe registration ID retrieved from the Android application on the phone. Required.
collapse_keyAn arbitrary string that is used to collapse a group of like messages when the device is offline, so that only the last message gets sent to the client. This is intended to avoid sending too many messages to the phone when it comes back online. Note that since there is no guarantee of the order in which messages get sent, the "last" message may not actually be the last message sent by the application server. Required.
data.<key>
Payload data, expressed as key-value pairs. If present, it will be included in the Intent as application data, with the <key>. There is no limit on the number of key/value pairs, though there is a limit on the total size of the message. Optional.
delay_while_idleIf included, indicates that the message should not be sent immediately if the device is idle. The server will wait for the device to become active, and then only the last message for each collapse_key value will be sent. Optional.
Authorization: GoogleLogin auth=[AUTH_TOKEN]Header with a ClientLogin Auth token. The cookie must be associated with the ac2dm service. Required.


This table lists the possible response codes:
ResponseDescription
200
Includes body containing:
  • id=[ID of sent message]
  • Error=[error code]
    • QuotaExceeded — Too many messages sent by the sender. Retry after a while.
    • DeviceQuotaExceeded — Too many messages sent by the sender to a specific device. Retry after a while.
    • InvalidRegistration — Missing or bad registration_id. Sender should stop sending messages to this device.
    • NotRegistered — The registration_id is no longer valid, for example user has uninstalled the application or turned off notifications. Sender should stop sending messages to this device.
    • MessageTooBig — The payload of the message is too big, see the limitations. Reduce the size of the message.
    • MissingCollapseKey — Collapse key is required. Include collapse key in the request.
503Indicates that the server is temporarily unavailable (i.e., because of timeouts, etc ). Sender must retry later, honoring any Retry-After header included in the response. Application servers must implement exponential back off. Senders that create problems risk being blacklisted.
401Indicates that the ClientLogin AUTH_TOKEN used to validate the sender is invalid


Code:


// Create a new HttpClient and Post Header 
HttpClient httpclient = new DefaultHttpClient(); 
HttpPost httppost = new HttpPost("https://www.google.com/accounts/ClientLogin"); 
// this is for proxy settings 

HttpParams params = httpclient.getParams(); 
params.setParameter("content-type", "application/x-www-form-urlencoded"); 
try { 
           // Add your data 
           List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(2); 
           nameValuePairs.add(new BasicNameValuePair("accountType","HOSTED_OR_GOOGLE")); 
           nameValuePairs.add(new BasicNameValuePair("Email","ar*****.pushapp@gmail.com")); 
           nameValuePairs.add(new BasicNameValuePair("Passwd","W******21")); 
           nameValuePairs.add(new BasicNameValuePair("service", "ac2dm")); 
           nameValuePairs.add(new BasicNameValuePair("source",   "arxxus.push.1.1")); 
           httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs)); 
    
           // Execute HTTP Post Requestu 
           HttpResponse response = httpclient.execute(httppost); 
          System.out.println(response.getEntity().toString()); 
          BufferedReader in = new BufferedReader(new InputStreamReader(response.getEntity().getContent())); 
          StringBuffer sb = new StringBuffer(""); 
          String line = ""; 
          while ((line = in.readLine()) != null) 
          { 
                    sb.append(line); 
          } 
          in.close(); 
         String result = sb.toString(); 
         String authToken=result.substring(result.indexOf("Auth=")+5); 
         System.out.println("Token="+authToken); 
         System.out.println("REGID"+RegistrationId);
         System.out.println(authToken.trim());

}//try

This code work properly on Apache Tomcat Server but while deploying this code on the Google App Engine you will get the Restricted class issues..So if you are thinking of deploying on Google App Engine Try this...


HttpURLConnection urlConnection;
URL url = new URL("https://www.google.com/accounts/ClientLogin");
urlConnection = (HttpURLConnection) url.openConnection();
urlConnection.setRequestMethod("POST");
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
urlConnection.setUseCaches(false);
urlConnection.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
 
StringBuilder content = new StringBuilder();
content.append("Email=").append("ar*******pp@gmail.com");
content.append("&Passwd=").append("W******");
content.append("&service=").append("ac2dm");
content.append("&source=").append( "arxxus.push.1.1");
content.append("&accountType").append("HOSTED_OR_GOOGLE");
   
OutputStream outputStream = urlConnection.getOutputStream();
outputStream.write(content.toString().getBytes("UTF-8"));
outputStream.close();
int responseCode = urlConnection.getResponseCode();
System.out.println(responseCode+"\tSuccess");
StringBuffer resp = new StringBuffer(); 
if (responseCode == HttpURLConnection.HTTP_OK) 
{
   InputStream inputStream = urlConnection.getInputStream();
     BufferedReader rd = new BufferedReader(new InputStreamReader(inputStream));
     String line; 
     while ((line = rd.readLine()) != null) 
    
     if(line.startsWith("Auth="))
     {
     resp.append(line.substring(5)); 
     }
    
     rd.close(); 
}
String authToken=resp.toString();
System.out.println("AuthTOken"+authToken);


If you like this post..Please do comments..

How TOPT Works: Generating OTPs Without Internet Connection

Introduction Have you ever wondered how authentication apps like RSA Authenticator generate One-Time Passwords (OTPs) without requiring an i...