Friday, September 28, 2012

[Gd] Cool YouTube apps from Google I/O 2012

| More

YouTube API Blog: Cool YouTube apps from Google I/O 2012


We're constantly amazed at the innovative ways that developers incorporate YouTube into their applications. At Google I/O this year, 12 partners (over 30% from outside the U.S.) demonstrated their apps in the YouTube section of the Developer Sandbox, a demo area highlighting applications based on technologies and products featured at I/O.

Google's own Daniel Sieberg, an Emmy-nominated journalist, interviewed some of our partners about their use of the YouTube APIs.

With Daniel’s hectic schedule, he only had time to interview a handful of our great partners.  With that in mind, we highlighted all the awesome apps showcased by our partners at the YouTube API Developer Sandbox.

Business.me (YouTube Data API and YouTube Player API)

OverviewBusiness.me, headquartered in Singapore, is the place to share and discover videos about business.  They have created a video-sharing site to help producers of business videos reach their audience.  The site also helps business professionals discover relevant business information in video format.
Fun FactOscar Moreno, CEO, not only holds Business and Law degrees, he helped launch several startups (Business.me, Netjuice, Keldoo, and Tuenti).



Code Hero (YouTube Data API)

OverviewCode Hero teaches you to code through a fun, 3D game. Become a code hero and shape the future!
Fun FactThe Code Hero Team implemented the recording mechanism in the game that exports to YouTube at a 3 day hackathon!

Bonus: The game has
sharks with lasers attached to their heads!


Flipboard (YouTube Data API and YouTube Player API)

OverviewSee everything on Flipboard, all your news and life’s great moments in one place. Using the YouTube Data API, Flipboard lets users discover, rate, share, and comment on top videos from YouTube. In addition, users can access their own videos and subscriptions, and subscribe to other YouTube users.
Fun FactFlipboard launched an Android app one week before I/O with a YouTube and Google+ integration!



LOOT Entertainment by Sony DADC (YouTube Data API)

OverviewGather your friends and set up your own production crew inside PlayStation®Home! What will you be? Director? Actor? Cinematographer? Extra? Try them all! Check out the amazing Machinima tools to help you record, light and build your film or television sets! What will you make?
Fun FactLOOT gives you tons of sets to make your own movies (machinima) on the PS3, including a Ghostbusters Firehouse Stage Set!



Moviecom.tv (YouTube Data API and YouTube Player API)

OverviewA simple and easy online video platform for businesses. Record, centralize and share instantly.  Moviecom.tv also allows you to link directly to your YouTube account through the YouTube APIs.
Fun FactThe founders flew all the way from Glasgow to attend Google I/O!



Parrot (YouTube Data API and YouTube Player API)

OverviewThe Parrot AR.Drone is a quadricopter that can be controlled by a smartphone or tablet. Get more out of your AR.Drone with the AR.Drone Academy. Keep track of all your flights on the Academy map.  Watch your best videos with added statistical feedback and directly share online with pilots from all over the world!
Fun FactParrot makes remote controlled flying devices that can record and track their flights!



PicoTube - Vettl, Inc. (YouTube Data API and YouTube Player API)

OverviewPicotube uses content from YouTube and allows users to create avatars, watch clips together, create playlists, and rate videos selected by other video jockeys.
Fun FactPicotube was the Grand Prix winner of TechCrunch Tokyo 2011!



Skimble (YouTube Data API and YouTube Player API, and new Android Player API)

OverviewHere to power the mobile fitness movement, Skimble offers fun, dynamic and social applications for everyone. Available now are Skimble's Workout Trainer and GPS Sports Tracker apps that help motivate people to get and stay active.  Skimble uses the YouTube Player API to display fitness videos.  
Fun FactCo-founder Maria Ly got the crowd moving at one of YouTube’s Google I/O Sessions!



Squrl (YouTube Data API and YouTube Player API)

OverviewSqurl is a great place to watch and discover video. Know what videos are trending, receive recommendations on what to watch and see what your friends are watching.
Fun FactCo-founders Mark Gray and Michael Hoydich also founded the successful software development company IndustryNext together in 2004!



Telestream (YouTube Data API and YouTube Player API)

OverviewTelestream demonstrated Wirecast for YouTube, a live video production and streaming product, which was developed specifically for Google YouTube partners.  Telestream specializes in products that make it possible to get video content to any audience regardless of how the content is created, distributed or viewed (entire process).  
Fun FactTelestream’s NASCAR Project won the IBC2012 Innovation Award!



Vidcaster (YouTube Data API and YouTube Player API)

OverviewVidCaster is a video site creation platform that allows you to create a video portal instantly from your existing video library on YouTube or other video hosts. Choose from a beautiful set of designer themes and customize to your heart's content using VidCaster's powerful template language.
Fun FactKieran Farr, CEO and co-founder, used to drive a taxi full-time in San Francisco before becoming a successful entrepreneur!



WeVideo (YouTube Data API)

OverviewWeVideo is a cloud-based video editing suite that allows easy, full-featured, collaborative HD video editing across Google Drive, Chromebooks, and Android devices.
Fun FactWeVideo partnered with Marvel and YouTube to allow fans to create their own trailers!

URL: http://apiblog.youtube.com/2012/09/cool-youtube-apps-from-google-io-2012.html

[Gd] Fridaygram: underwater views, disappointing squid, space move

| More

Google Developers Blog: Fridaygram: underwater views, disappointing squid, space move

Author Photo
By Scott Knaster, Google Developers Blog Editor

If you’re making a map of the world, you have to pay attention to the large fraction of the planet that’s beneath the water. That’s why Google Maps now includes underwater panoramic images from around the oceans. Naturally, there are a lot of wonderful sights to see, including a sea turtle with a school of fish and an ancient boulder coral. And just for fun, you can watch an underwater hangout from the Great Barrier Reef, without traveling to Australia or getting wet.



We don’t know if Google Maps has yet captured an image of a vampire squid (Vampyroteuthis infernalis). But researchers have found that this creature, whose name means "vampire squid from hell", has been more than a little overhyped. The vampire squid doesn’t hunt victims for blood. Instead, it eats random detritus floating around in the ocean. Still: great name!

Finally, the people who operate the International Space Station have a lot to do, such as making sure it doesn’t plow into any space junk. With that excellent goal in mind, NASA was considering moving the ISS this week to avoid an old satellite and a piece of rocket in its path. How do you move the ISS? By firing the engines of a docked cargo ship, of course!


Fridaygram posts are mostly for fun, not necessarily for developer stuff like our posts the rest of the week. This week Google turned 14 years old, and like lots of others its age, Google is already learning how to drive.
URL: http://googledevelopers.blogspot.com/2012/09/fridaygram-underwater-views.html

[Gd] How redBus uses BigQuery to master big data

| More

Google Developers Blog: How redBus uses BigQuery to master big data

Author Photo
By Pradeep Kumar, redBus

This guest post was written by Pradeep Kumar. Pradeep is a technical architect at redBus, an online travel agency in India that provides a unified online bus ticketing service. We recently published a business case study for redBus and wanted to dive into some more technical detail for the readers of the Google Developers Blog.


Our company has been providing Internet bus ticketing for India since 2006. There are more than 10,000 bus routes available for booking, and we have dozens of machines processing booking requests. Each step in the booking process produces a lot of data – on search terms, route availability, server health and more. We needed tools to to be able to process this data quickly and easily to determine whether decreases in customer bookings are the result of server problems or simply less demand.

While we typically use relational databases to store and analyze data, we knew we needed something more powerful if we wanted to analyze 500GB or more, so we started to look at open source frameworks like Hadoop and analysis platforms like Hive and Pig. We found that these frameworks require considerable in-house expertise and infrastructure investments and wouldn’t give us answers to our questions as fast as we wanted. We decided to try out Google BigQuery as a trusted tester, with hopes that it would give us the ability to perform quick iterative analysis without much up-front investment. Our initial tests went very well, so we started building our analysis tools on top of BigQuery.

BigQuery allows us to run SQL-like queries to understand the bus routes in highest demand and what types of searches users are performing. We’ve also used it to build internal dashboards that give us a snapshot of system health.


For more information on how we structured our immutable tables, pipelined our data into BigQuery for analysis using RabitMQ, and to see example SQL queries we’ve used, check out my article on developers.google.com.


Pradeep Kumar is a technical architect at redBus.

Posted by Scott Knaster, Editor
URL: http://googledevelopers.blogspot.com/2012/09/how-redbus-uses-bigquery-to-master-big.html

Thursday, September 27, 2012

[Gd] AngelHack unites 100+ developers to hack on big data

| More

Google Developers Blog: AngelHack unites 100+ developers to hack on big data

Michael
Ryan

By Ryan Boyd and Michael Manoochehri, Cloud Developer Relations

Last weekend, we had the pleasure of joining 100+ developers at the AngelHack Big Data hackathon in San Francisco. The event, hosted at the HUB co-working space, was a fantastic gathering of people interested in hacking away on big data.


We had a great time talking with developers about Google BigQuery and the Google Cloud Platform, getting some new feature requests, and learning new things from the folks at Firebase, Couchbase, p(k) and more. We were happy to see a couple dozen developers having the chance to try out BigQuery over the weekend. We also did our first in-person demo of a query running a regular expression match across 13 billion rows (1TB) of data in just 23 seconds, which was very well received!

We went to the event bearing some App Engine schwag and a $250 gift certificate to the Google Play Store to be awarded to the best project that incorporated Google BigQuery or App Engine for crunching big data. We also had a number of datasets to share with the group ranging from stock data provided by NASDAQ Data-On-Demand (powered by Xignite) and US birth statistics data to Wikipedia revision histories + pageviews and n-grams from Google Books.

The prize for the best use of BigQuery or App Engine went to Deepti Yadlapalli and Sushma Yadlapalli. They created a mashup with the NASDAQ stock data, BigQuery and Prior Knowledge's Veritable API to look at correlation between the ask/bid spreads of various stock tickers. Congrats!

Thanks to all the fantastic developers who joined us for the hackathon, and also to the organizers of AngelHack for producing a great event.

Our team is traveling to London for Strata next week. We’re also going to be attending a number of other events, including the London GDG, Big Data London meetup, Big Data Analytics Sydney meetup, Sydney GDG and the Google for Entrepreneurs Day in Sydney. If you’re at any of those events, stop by and let us know what you’re doing with big data!


Ryan Boyd is a Developer Advocate, focused on big data. He's been at Google for 6 years and previously helped build out the Google Apps ISV ecosystem. He published his first book, "Getting Started with OAuth 2.0", with O'Reilly.

Michael Manoochehri is a Developer Programs Engineer working with Google's Cloud developer products. With many years of experience working for research and non-profit organizations, he's interested in making large scale data analysis more accessible and affordable.

Posted by Scott Knaster, Editor
URL: http://googledevelopers.blogspot.com/2012/09/angelhack-unites-100-developers-to-hack.html

[Gd] Dev Channel Update for Chrome OS

| More

Chrome Releases: Dev Channel Update for Chrome OS

The Dev channel has been updated to 23.0.1271.11 (Platform version: 2913.27.0) for Chromebooks (Acer AC700, Samsung Series 5 550, Samsung Series 3, and Cr-48) and Samsung Chromebox Series 3. This build contains stability and UI improvements.

Highlights of these changes are:
  • Stability improvements
  • UI/UX improvements

Known Issues:
  • 151924 - Local audio and video players broken in ChromeOS
  • Camera app doesn't start
  • Settings window doesn't open when you browse as guest
If you find new issues, please let us know by visiting our help site or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue’ under the wrench menu.

Ben Henry & Josafat Garcia
Google Chrome
URL: http://googlechromereleases.blogspot.com/2012/09/dev-channel-update-for-chrome-os_27.html

[Gd] Expand your reach with web apps

| More

Google Apps Developer Blog: Expand your reach with web apps

Apps Script developers that wished to share their work with a larger audience have traditionally turned to the Script Gallery, which allows other users to copy and install the script into their own spreadsheets. While appropriate for custom functions and spreadsheet extensions, it didn't fit well when distributing more complex functionality and apps.

In this blog post we'll be highlighting a newer way to distribute your scripts: deploying them as a web app and publishing them to the Chrome Web Store. Compared to the Script Gallery, the Chrome Web Store has some distinct advantages for developers:

  • Automatic updates - Change your code, do some testing, and publish a new version to update the app for all users instantly.
  • More information - Detailed descriptions, promotional images, ratings, and reviews lead to compelling listings.
  • Greater discoverability - Visit the Chrome Web Store site to learn about the benefits.

Looking through the Script Gallery we believe there are many scripts that would be a great fit for the Chrome Web Store and would benefit from the advantages listed above. Some aspects of a good candidate script are:

  • Custom UI - Users interact with your script through a custom user interface, not via custom spreadsheet functions or onEdit triggers.
  • Background processing - Your script uses time-based triggers to do work in the background and doesn't require that the Google Spreadsheet is open.
  • Not primarily about Google Spreadsheets - Your script's main focus isn't spreadsheets and you utilize a variety of services to provide separate functionality.

A great example of such a script is Gmail Meter, which was first launched in the Script Gallery but has since been published to Chrome Web Store. Now users can install and run the script without needing to create a spreadsheet, see script code, or set up triggers. It may take a little work to update a spreadsheet-based script to use the web app model, and some common tasks are:

  • Implement doGet() - Instead of showing your custom UI on the spreadsheet with Spreadsheet.show(), put the same code into the doGet() method and return the final UiInstance or HtmlOutput object.
  • Deploy as a web app - Configure your script to run as a web app, which will assign it a unique URL. In most cases you'll want the web app to run as the user so that it can access their services.
  • Remove references to active spreadsheet - When published as a web app there is no active spreadsheet, so if your script needs access to a spreadsheet then you'll need to use SpreadsheetApp.openById() instead. You can use the DocsList service or the DocsListDialog UI widget to help users locate the desired spreadsheet.
  • Handle multiple users - When published as a web app users access the same copy of the script, so you may need to change the way you organize data to avoid conflicts. UserProperties work well for small settings, and when using ScriptDb make the user's login ID or email address part of the objects so that you can filter for them later.

Publishing to the Chrome Web Store only takes a few clicks, and we provide instructions for the process in our documentation. We hope that you are inspired to take your scripts to the next level, and if you have any questions along the way feel free to reach out to us on StackOverflow or Google+.


Eric Koleda profile

Eric is a Developer Programs Engineer based in NYC on the Google Apps Script team. He's previously worked with the AdWords API and enterprise content management software.

URL: http://googleappsdeveloper.blogspot.com/2012/09/expand-your-reach-with-web-apps.html

[Gd] Dev Channel Update

| More

Chrome Releases: Dev Channel Update

The Dev channel has been updated to 23.0.1271.10 for Windows, Mac, Linux and Chrome Frame platforms

This build fixes several known crashes as well as:

  • Win8: Fixed Pre-edit character appears when bringing up the Touch keyboard (Issue: 151587)
  • Mac: Flash timezone issue is fixed (Issue: 149006)

More details about additional changes are available in the svn log of all revisions.

You can find out about getting on the Dev channel here: http://dev.chromium.org/getting-involved/dev-channel.

If you find new issues, please let us know by filing a bug at http://code.google.com/p/chromium/issues/entry

Karen Grunberg
Google Chrome
URL: http://googlechromereleases.blogspot.com/2012/09/dev-channel-update_27.html

Wednesday, September 26, 2012

[Gd] DevFest season starts off with a bang

| More

Google Developers Blog: DevFest season starts off with a bang

Author PictureBy Phoebe Peronto, Developer Marketing

This past weekend marked the beginning of the DevFest season with 10 local events reaching developers in 6 different countries. Local Google Developer Groups spearheaded these community-organized events, offering technical sessions, hackathons, and code labs across various Google product areas. There was too much excitement and feedback to fit into a post without making it enormous, so we’ve chosen some highlights from both organizers and participants.

DevFest Lille | Host: GDG Lille
“Merci à tous les organisateurs, c'était très intéressant :)” --Rémi Bruyère, DevFest Lille attendee

DevFest Jalandhar | Host: GDG Jalandhar City



DevFest London | Host: GDG London
With over 100 developers in attendance and 10 hackathon entries submitted, DevFest London was a success!  We had nine Googlers giving back-to-back developer talks for the day, on everything from Android to Chrome to Google+, with some Drive and Google TV for good measure. The biggest highlight was our mid-afternoon keynote from Michael Mahemoff with his ten moments that changed the web - from Netscape to Chrome and a special mention of Nyan Cat. -- Mark Lunney, GDG London Lead Organizer
“+Michael Mahemoff 's talk on top 10 moments that changed the web is awesome - it boosts morale for our commitment to HTML5 and JavaScript … The Nyan cat at the end rocks.” -- Shah Auckburaully, London DevFest attendee

DevFest NIT Trichy | Host: GDG NIT Trichy
We had an amazing DevFest here at NIT Trichy yesterday! I feel proud to say that DevFest Trichy was a success and the turnout was wonderful.  The talks by Shannon Behrens and Ido Green were really good and our developer community did find it informative. Abhishek Shrivastava's interactive session on developing hacks and apps using Google Chrome APIs was a hit especially the "How-to-develop-a-Chrome-app-in-30-secs!".  GDG NIT Trichy looks forward to more such events in future. :) -- Jeh Agarwal, GDG NIT Trichy DevFest lead organizer

DevFest Shanghai | Host: GDG Shanghai
With 350 developers in attendance and sessions covering everything from Android and Chrome development, to Golang and HTML5, DevFest Shanghai was a hit.  Check out photos from the event -- Sting Chen, GDG Shanghai organizer

DevFest Gandhinagar | Host: GDG Gandhinagar
The major part of the event was based on Android Game Development and Open Mobile Platform. Dart session by Shannon Behrens was a big hit with the participants. Relive the Devfest experience with GDG Gandhinagar’s event photos. -- Deep Moteria, GDG Gandhinagar organizer

DevFest BITS Pilani | Host: GDG BITS-Pilani
Attendees at DevFest BITS Pilani were excited to engage with Google’s technologies. The entire GDG BITS Pilani team would like to thank Google and GDG for making our DevFest possible. This was a novel event for our attendees and we look forward to the return of an even bigger and better DevFest in the future!  -- Akash Saxena, GDG BITS-Pilani DevFest lead organizer

DevFest Manipal | Host: GDG Manipal
Crazy Day One! Close to 350 people turned up for it. +Soham Mondal was the main Speaker. Day two had full day speaker sessions including one by Ido Green and final day saw hackathon attended by 80 developers. Overall a fun developer event. - Nikhil Gupta, GDG Manipal organizer

DevFest Tijuana | Host: GDG Tijuana
Agradecemos a todos su participacion en el evento #SFD2012  + #DevFest   #GDG   #Tijuana  Fue todo un exito.

Want more details?  Visit the GDG event pages below to catch up on all things DevFest.
Shanghai
Lille
Manipal
Jalandhar
NIT Trichy
Gandhinagar
BITS Pilani
Tijuana
London
Sacramento

And, we’re just getting started.  See below for upcoming events.  
Bangalore
IIT Guwahati
Goa
Surabaya
Auckland
Colombo
Jakarta
Seattle
DC
Kyoto
Amman


DevFest season kicked off on September 21st and continues through November 11th.  Join your local developer community at an upcoming DevFest and discover the magic for yourself.  Visit devfest.info for more details and location updates.



Phoebe Peronto is an Associate Product Marketing Manager on the Developer Marketing team here at Google. She’s a foodie who has a penchant for traveling, politics, and running. Oh, and of course...Go Cal Bears!

Posted by Scott Knaster, Editor
URL: http://googledevelopers.blogspot.com/2012/09/devfest-season-starts-off-with-bang.html

[Gd] Chrome for Android Update

| More

Chrome Releases: Chrome for Android Update

The Chrome team is happy to announce the availability of Chrome for Android on Intel x86 devices, which means that if you have an Android device based on x86, you’ll now be able to experience the speed, security, and simplicity of Chrome.

Chrome 18.0.1026311 is now available for download on Google Play and from the Google Play Store on your Intel x86 based mobile device.  Known issues are available on the Chrome support site.  If you find a new issue, please let us know by filing a bug.  More information on Chrome for Android is available on the Chrome site.

Vinod Ramachandran
Google Chrome
URL: http://googlechromereleases.blogspot.com/2012/09/chrome-for-android-update_26.html

[Gd] Chrome OS Management Console Update

| More

Chrome Releases: Chrome OS Management Console Update

The Chrome OS settings in the administrator control panel has been updated. This update brings new features including:
Known issues are available here. Enterprise customers can report an issue by contacting support.

Lawrence Lui
Google Chrome
URL: http://googlechromereleases.blogspot.com/2012/09/chrome-os-management-console-update.html

[Gd] Beta Channel Update

| More

Chrome Releases: Beta Channel Update

The Beta channel has been updated to 22.0.1229.91 for Windows, Mac, and Linux.  A complete log of what changed can be found in the svn revision log.  Instructions and download links for our different release channels are available on the Chromium wiki.  If you find what you think is a new bug, please file it in our issue tracker.

Jason Kersey
Google Chrome
URL: http://googlechromereleases.blogspot.com/2012/09/beta-channel-update_26.html

[Gd] Google Play services and OAuth Identity Tools

| More

Android Developers Blog: Google Play services and OAuth Identity Tools

Posted by Tim Bray

Google Play services has started to roll out and should arrive on virtually all Android 2.2+ devices with the Google Play Store in the very near future. At that point, all those devices will have new tools for working with OAuth 2.0 tokens. This is an example of the kind of agility in rolling out new platform capabilities that Google Play services provides.

Why OAuth 2.0 Matters

The Internet already has too many usernames and passwords, and they don’t scale. Furthermore, your Android device has a strong notion of who you are. In this situation, the industry consensus is that OAuth 2.0 is a good choice for the job, offering the promise of strong security minus passwords.

Google Play services make OAuth 2.0 authorization available to Android apps that want to access Google APIs, with a good user experience and security.

Typically, when you want your Android app to use a Google account to access something, you have to pick which account on the device to use, then you have to generate an OAuth 2.0 token, then you have to use it in your HTTP-based dialogue with the resource provider.

These tasks are largely automated for you if you’re using a recent release of the Google APIs Client Library for Java; the discussion here applies if you want to access the machinery directly, for example in sending your own HTTP GETs and POSTs to a RESTful interface.

Preparation

Google Play services has just started rolling out, and even after the rollout is complete, will only be available on compatible Android devices running 2.2 or later. This is the vast majority, but there will be devices out there where it’s not available. It is also possible for a user to choose to disable the software.

For these reasons, before you can start making calls, you have to verify that Google Play services is installed. To do this, call isGooglePlayServicesAvailable(). The result codes, and how to deal with them, are documented in the ConnectionResult class.

Choosing an Account

This is not, and has never been, rocket science; there are many examples online that retrieve accounts from Android’s AccountManager and display some sort of pick list. The problem is that they all have their own look and feel, and for something like this, which touches on security, that’s a problem; the user has the right to expect consistency from the system.

Now you can use the handy AccountPicker.newChooseAccountIntent() method to give you an Intent; feed it to startActivityForResult() and you’ll launch a nice standardized user experience that will return you an account (if the user feels like providing one).

Two things to note: When you’re talking to these APIs, they require a Google account (AccountManager can handle multiple flavors), so specify GoogleAuthUtil.GOOGLE_ACCOUNT_TYPE argument as the value for the allowableAccountTypes argument. Second, you don’t need an android.accounts.Account object, you just use the email-address string (available in account.name) that uniquely identifies it.

Getting a Token

There’s really only one method call you need to use, GoogleAuthUtil.getToken(). It takes three arguments: a Context, an email address, and another string argument called scope. Every information resource that is willing to talk OAuth 2.0 needs to publish which scope (or scopes) it uses. For example, to access the Google+ API, the scope is oauth2:https://www.googleapis.com/auth/plus.me. You can provide multiple space-separated scopes in one call and get a token that provides access to all of them. Code like this might be typical:

  private final static String G_PLUS_SCOPE = 
"oauth2:https://www.googleapis.com/auth/plus.me";
private final static String USERINFO_SCOPE =
"https://www.googleapis.com/auth/userinfo.profile";
private final static String SCOPES = G_PLUS_SCOPE + " " + USERINFO_SCOPE;

In an ideal world, getToken() would be synchronous, but three things keep it from being that simple:

  1. The first time an app asks for a token to access some resource, the system will need to interact with the user to make sure they’re OK with that.


  2. Any time you ask for a token, the system may well have a network conversation with the identity back-end services.


  3. The infrastructure that handles these requests may be heavily loaded and not able to get you your token right away. Rather than keeping you waiting, or just failing, it may ask you to go away and come back a little later.


The first consequence is obvious; you absolutely can’t call getToken() on the UI thread, since it’s subject to unpredictable delays.

When you call it, the following things can happen:

  • It returns a token. That means that everything went fine, the back-end thinks the authorization was successful, and you should be able to proceed and use the token.


  • It throws a UserRecoverableAuthException, which means that you need to interact with the user, most likely to ask for their approval on using their account for this purpose. The exception has a getIntent() method, whose return value you can feed to startActivityForResult() to take care of that. Of course, you’ll need to be watching for the OK in the onActivityResult() method.


  • It throws an IOException, which means that the authorization infrastructure is stressed, or there was a (not terribly uncommon on mobile devices) networking error. You shouldn’t give up instantly, because a repeat call might work. On the other hand, if you go back instantly and pester the server again, results are unlikely to be good. So you need to wait a bit; best practice would be the classic exponential-backoff pattern.


  • It throws a GoogleAuthException, which means that authorization just isn’t going to happen, and you need to let your user down politely. This can happen if an invalid scope was requested, or the account for the email address doesn’t actually exist on the device.


Here’s some sample code:

       try {
// if this returns, the OAuth framework thinks the token should be usable
String token = GoogleAuthUtil.getToken(this, mRequest.email(),
mRequest.scope());
response = doGet(token, this);

} catch (UserRecoverableAuthException userAuthEx) {
// This means that the app hasn't been authorized by the user for access
// to the scope, so we're going to have to fire off the (provided) Intent
// to arrange for that. But we only want to do this once. Multiple
// attempts probably mean the user said no.
if (!mSecondTry) {
startActivityForResult(userAuthEx.getIntent(), REQUEST_CODE);
response = null;
} else {
response = new Response(-1, null, "Multiple approval attempts");
}

} catch (IOException ioEx) {
// Something is stressed out; the auth servers are by definition
// high-traffic and you can't count on 100% success. But it would be
// bad to retry instantly, so back off
if (backoff.shouldRetry()) {
backoff.backoff();
response = authenticateAndGo(backoff);
} else {
response =
new Response(-1, null, "No response from authorization server.");
}

} catch (GoogleAuthException fatalAuthEx) {
Log.d(TAG, "Fatal Authorization Exception");
response = new Response(-1, null, "Fatal authorization exception: " +
fatalAuthEx.getLocalizedMessage());
}

This is from a sample library I’ve posted on code.google.com with an AuthorizedActivity class that implements this. We think that some of this authorization behavior is going to be app-specific, so it’s not clear that this exact AuthorizedActivity recipe is going to work for everyone; but it’s Apache2-licensed, so feel free to use any pieces that work for you. It’s set up as a library project, and there’s also a small sample app called G+ Snowflake that uses it to return some statistics about your Google+ posts; the app is in the Google Play Store and its source is online too.

Registering Your App

Most services that do OAuth 2.0 authorization want you to register your app, and Google’s are no exception. You need to visit the Google APIs Console, create a project, pick the APIs you want to access off the Services menu, and then hit the API Access tab to do the registration. It’ll want you to enter your package name; the value of the package attribute of the manifest element in your AndroidManifest.xml.

Also, it’ll want the SHA1 signature of the certificate you used to sign your app. Anyone who’s published apps to Google Play Apps knows about keystores and signing. But before you get there, you’ll be working with your debug-version apps, which are signed with a certificate living in ~/.android/debug.keystore (password: “android”). Fortunately, your computer probably already has a program called “keytool” installed; you can use this to get the signature. For your debug version, a correct incantation is:

keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore -v -list

This will print out the SHA1 signature in a nicely labeled easy-to-cut-and-paste form.

This may feel a little klunky, but it’s worth it, because some magic is happening. When your app is registered and you generate a token and send it to a service provider, the provider can check with Google, which will confirm that yes, it issued that token, and give the package name of the app it was issued to. Those of you who who’ve done this sort of thing previously will be wondering about Client IDs and API Keys, but with this mechanism you don’t need them.

Using Your Token

Suppose you’ve registered your app and called GoogleAuthUtil.getToken() and received a token. For the purposes of this discussion, let’s suppose that it’s “MissassaugaParnassus42”. Then all you need to do is, when you send off an HTTP request to your service provider, include an HTTP header like so:

Authorization: Bearer MissassaugaParnassus42

Then your HTTP GETs and POSTs should Just Work. You should call GoogleAuthUtil.getToken() to get a token before each set of GETs or POSTs; it’s smart about caching things appropriately, and also about dealing with token expiry and refresh.

Once again, as I said at the top, if you’re happy using the Google APIs Client Library for Java, it’ll take care of all the client-side stuff; you’ll still need to do the developer console app registration.

Otherwise, there’s a little bit of coding investment here, but the payoff is pretty big: Secure, authenticated, authorized, service access with a good user experience.



Join the discussion on

+Android Developers



URL: http://android-developers.blogspot.com/2012/09/google-play-services-and-oauth-identity.html