tags:

views:

61

answers:

1

I have a C/S solution, which take Android as its client and PHP as its server.

I have my own account system.

I'm wondering whether I could provide my user to login my system with Google Account?

I saw there are web-solution for this, like this stackoverflow.com could use Google Account to directly login.

Is there a solution for C/S system?

+1  A: 

Not without a web browser.

If the user isn't logged in to google (or any other provider), he has to authenticate with the provider first. This is done via a web browser, and you shouldn't even try doing it in any other way (for security reasons, the user should be sure that he is connected to the provider, for example by seeing the url in his browser).

However, even if the user is logged in, the provider needs to know that -- usually using a cookie. And cookies are stored within a web browser. So in theory, you could parse the browser's cookie file, and then try immediate authentication, but that won't work until you login and authorize the relying party via a web browser first.

Mewp
Can I use a WebView for this? Or other, invoke the ChromeLite in Android for this authentication and get result back from it?
Johnny
If WebView sends/stores cookies, you can. As for getting the information back, your server will receive the data from OP, since the server must be the RP (and it must have an http server, to handle the response). How will the server notify the client that it has authenticated is another problem. Generally, a possible solution would be that the client opens a browser window pointing to `http://server:port/random_token`, which redirects to the op, op redirects back to the server after auth, then server notifies the client identified by `random_token` of the auth result.
Mewp