OAuthLoginManager

971
16
05-10-2019 01:15 PM
by Anonymous User
Not applicable

I am trying to update our application to 100.5 from 10.2.9.  I am trying to authenticate the application and have an application setup for the application in our AGOL Organization with a client id and redirect uri.  Am running into issues using OAuthLoginManager when I run oAuthLoginManager.launchOAuthBrowserPage(context); I get the message...

Please copy this code, switch to your application and paste it there.  Struggling to find a good example that describes this.  Also strange that it opens up Chrome rather than opening within the app as it did with 10.2.9.  Any guidance in the right direction greatly appreciated.  

private OAuthManagement() {

final int OAUTH_EXPIRATION_NEVER = -1;
oAuthLoginManager = new OAuthLoginManager("https://arcgis.com", "YOUR_CLIENT_ID", "urn:ietf:wg:oauth:2.0:oob", OAUTH_EXPIRATION_NEVER);
}

public void LaunchLogin(Context context) {
oAuthLoginManager.launchOAuthBrowserPage(context);
}

public void handleTokenCredential(Intent intent) {
portal = new Portal("https://www.arcgis.com", true);
ListenableFuture<OAuthTokenCredential> futureToken = oAuthLoginManager.fetchOAuthTokenCredentialAsync(intent);

try {
OAuthTokenCredential oAuthTokenCredential = futureToken.get();
portal.setCredential(oAuthTokenCredential);
portal.loadAsync();
portal.addDoneLoadingListener(new Runnable() {
@Override
public void run() {
if(portal.getLoadStatus() == LoadStatus.LOADED) {
ArcGISRuntimeEnvironment.setLicense(portal.getPortalInfo().getLicenseInfo());
}
}
});

} catch (InterruptedException e) {
e.printStackTrace();
} catch (ExecutionException e) {
e.printStackTrace();
}
}
}

0 Kudos
16 Replies
GuntherHeppner
Esri Contributor

Hi Aaron,

I suggest you use our DefaultAuthenticationChallengeHandler to implement authentication with the portal.

https://developers.arcgis.com/android/latest/api-reference/reference/com/esri/arcgisruntime/security...

If you want to authenticate via OAuth you have to implement the following steps:

1. Set the  DefaultAuthenticationChallengeHandler on the AuthenticationManager by calling AuthenticationManager.setAuthenticationChallengeHandler(authenticationChallengeHandler).

2. Add an OAuth configuration to the AuthenticationManager with AuthenticationManager.addOAuthConfiguration(OAuthConfiguration)

3. Handle the apps redirect URI with the DefaultOAuthIntentReceiver, which needs to be added to your manifest:

<activity
   android:name="com.esri.arcgisruntime.security.DefaultOAuthIntentReceiver"
   android:launchMode="singleTask"
   android:configChanges="keyboard|keyboardHidden|orientation|screenSize"
   android:label="YourLabel">
   <intent-filter>
     <action android:name="android.intent.action.VIEW"/>
     <category android:name="android.intent.category.DEFAULT"/>
     <category android:name="android.intent.category.BROWSABLE"/>
     <data android:scheme="your-redirect-URI"/>
   </intent-filter>
 </activity>

 

Note that the DefaultAuthenticationChallengeHandler will always use a device-installed browser window to prompt users for credentials instead of prompting within the application, which is in line with the OAuth security guidelines.

Unfortunately we don't have a sample of this published yet, but we are working on it.

Gunther

0 Kudos
by Anonymous User
Not applicable

Hi Gunther, I am able to follow what you are saying on steps 1 and 2 in

your response. A couple of questions.

1. The code that needs to be added to the AndroidManifest.xml. Wouldn't I

just add in *

0 Kudos
AaronDick
Occasional Contributor

Gunther, Tried to respond via email and it look like it cut off what I wrote...below is my reply...

Hi Gunther,  I am able to follow what you are saying on steps 1 and 2 in your response.  A couple of questions.  

1.  The code that needs to be added to the AndroidManifest.xml.  Wouldn't I just add in <data android:scheme="urn:ietf:wg:oauth:2.0:oob "/>
 to an existing activity where I am handling as below or is there some other things going on in ...?
AuthenticationChallengeHandler handler = new DefaultAuthenticationChallengeHandler(this);
AuthenticationManager.setAuthenticationChallengeHandler(handler);
OAuthConfiguration oAC = new OAuthConfiguration(urlLogin, Client_ID, "urn:ietf:wg:oauth:2.0:oob", OAUTH_EXPIRATION_NEVER);
AuthenticationManager.addOAuthConfiguration(oAC);
2.  Don't really understand how I am supposed to launch the login page.  With OauthLoginManager I use this...
oAuthLoginManager.launchOAuthBrowserPage(getApplicationContext());
How do I launch the login with AuthenticationManager?
3.  Will this method produce a credential?  I want to avoid the user having to login every time they open up the application.  In 10.2.9 we were storing and encrypting AGOL credentials on the device.
0 Kudos
GuntherHeppner
Esri Contributor

Hi Aaron,

1. The DefaultOAuthIntentReceiver is an activity provided by the SDK for you. You just need to add it to your manifest so it can handle redirect intents from the browser. You don't need to handle the intents from the browser in your own activity.

2. You don't need to launch the login page by yourself, the SDK will do that for you as soon as you load your Portal instance. As soon as you call portal.loadAsync() you should get prompted for credentials. That means you don't need to set a credential on the Portal instance before you load it.

3. Once the user has provided the correct username and password in the login page, a credential will be set on the Portal instance. The SDK also caches this credential in the AuthenticationManager.CredentialCache. You can persist this cache to json and restore it later on. Encrypting the stored credentials is something you need to take care of, just like in 10.2.9.

https://developers.arcgis.com/android/latest/api-reference/reference/com/esri/arcgisruntime/security...

0 Kudos
AaronDick
Occasional Contributor

Hi Gunther,  All of that makes sense.  Have initiated the way you describe and for whatever reason am not seeing a login prompt...

AndroidManifest.xml

<activity
android:name="com.esri.arcgisruntime.security.DefaultOAuthIntentReceiver"
android:launchMode="singleTask"
android:configChanges="keyboard|keyboardHidden|orientation|screenSize"
android:label="YourLabel">
<intent-filter>
<action android:name="android.intent.action.VIEW"/>
<category android:name="android.intent.category.DEFAULT"/>
<category android:name="android.intent.category.BROWSABLE"/>
<data android:scheme="urn:ietf:wg:oauth:2.0:oob"/>
</intent-filter>
</activity>

Function from OnCreate of Launcher Activity  

String urlLogin = getResources().getString(R.string.portal_url);

try {
AuthenticationChallengeHandler handler = new DefaultAuthenticationChallengeHandler(this);
OAuthConfiguration oAC = new OAuthConfiguration(urlLogin, Client_ID2, "urn:ietf:wg:oauth:2.0:oob", OAUTH_EXPIRATION_NEVER);
AuthenticationManager.addOAuthConfiguration(oAC);
AuthenticationManager.setAuthenticationChallengeHandler(handler);

} catch (MalformedURLException e) {
throw new AssertionError(e);
}


// create a portal to ArcGIS Online
Portal portal = new Portal(urlLogin);

portal.addDoneLoadingListener(new Runnable() {
@Override
public void run() {
if (portal.getLoadStatus() == LoadStatus.LOADED) {
// loaded
//String x = portal.getUser().getFullName();
}
}
});

portal.loadAsync();

0 Kudos
AaronDick
Occasional Contributor

Gunther, OK my bad on this. Neglected to set loginRequired to "true" on Portal..

Portal portal = new Portal(urlLogin, true);

That code above works to prompt login once that is done.

GuntherHeppner
Esri Contributor

Aaron,

Setting the "loginRequired" flag to true when constructing the Portal is the right way to do it. Otherwise, if your Portal allows anonymous login, it won't prompt upon loading.

Glad you could make it work.

Gunther

0 Kudos
AaronDick
Occasional Contributor

Gunther, OK am back to the same issue as with the other method.  Get this after I login with AGOL credentials.  Tried several organizations I have membership to, but got the same results every time.

0 Kudos
AaronDick
Occasional Contributor

Also added in code for onResume when back in the application that portal (which I am making an activity level variable) does not return the credential after username and password have been entered in triggered by portal.loadAsync();

in onResume after return to app

portal.getCredential() returns null.

0 Kudos