Field Operations

Authentication with ArcGIS Android 100.0.0 Part 2

In part 1 of this post we discussed HTTP based authentication using he new DefaultAuthenticationChallengeHandler class against an ArcGIS Portal.  In this part we are going to focus on the basics of OAuth authentication.  Using OAuth 2.0 for ArcGIS Android apps opens the system browser OAuth login page supplied with a Redirect URI to receive the authorization code.  If  you are new to OAuth, we recommend you read through our ArcGIS Security and Authentication documentation.

Register your app

First, you’ll need to register you app. Registering an app generates a unique Client ID and Client Secret.  The Client ID is the public identifier for your app and used to build a login URL.

Redirect URI

In order to redirect the user back to your application after they authorize your application you need to setup a custom protocol handler. When the user authorizes your app the system browser will be redirected to this URI (my-arcgis-app://auth for example) with the authorization code. To authenticate named users your app must declare an Activity and intent filter the redirect URI which will parse the authorization code from the response URI and use it to fetch the OAuthTokenCredential. The general workflow is as follows:

The developer pattern is shown below:

[sourcecode language=”java”]
private void oAuthBrowser() {
try {
// create a OAuthLoginManager object with portalURL, clientID, redirectUri and expiration
String[] portalSettings = getResources().getStringArray(R.array.portal);
oauthLoginManager = new OAuthLoginManager(portalSettings[1], portalSettings[2], portalSettings[3], 0);
// launch the browser to get the credentials
oauthLoginManager.launchOAuthBrowserPage(getApplicationContext());

} catch (Exception e) {
Log.e("error-", e.getMessage() + "");
}
}
[/sourcecode]

The resulting Intent is handled in your applications AndroidManifest.xml file with the following:

[sourcecode language=”xml”]
<activity android_name="com.esri.arcgisruntime.sample.MainActivity">
<intent-filter>
<action android_name="android.intent.action.VIEW" />
<action android_name="android.intent.action.PICK" />

<category android_name="android.intent.category.DEFAULT" />
<category android_name="android.intent.category.BROWSABLE" />

<data
android_host="auth"
android_scheme="my-ags-app" />
</intent-filter>
</activity>
[/sourcecode]

Note the value for android:scheme in the XML. This is the redirect URI that you configured when you registered your app. Finally, you fetch the credentials with the following pattern:

[sourcecode language=”java”]
// onCreate()
fetchCredentials(intent);

private void fetchCredentials(Intent intent) {
// Fetch oauth access token.
final ListenableFuture future = oauthLoginManager.fetchOAuthTokenCredentialAsync(intent);
future.addDoneListener(new Runnable() {
@Override
public void run() {
try {
oauthCred = future.get();
} catch (Exception e) {
e.printStackTrace();
}

}
});
}
[/sourcecode]

You can see this developer pattern in our Maps App example app and in our Create and Save a Map developer sample.

Next Article

Adding content to your Sites and Initiatives just got easier

Read this article