3

I'm implementing C2DM for my Android app. Client side (Android) went well, but I'm little bit confused on implementing server side.

My server is C#/.NET. Official documentations links to 404 when it comes to authentication: https://developers.google.com/android/c2dm/#handling_reg

I found another page: https://developers.google.com/accounts/docs/AuthForInstalledApps

But it says deprecated. So, I'm not sure what to do now. Go with deprecated functionality or learn how to use OAuth? (never done this before)

If I go with OAuth - what should I pass in here: Authorization: GoogleLogin auth=[AUTH_TOKEN] ?

Any pointers on this subject will be appreciated

Recent post from Google sounds like Client Login is the way to go... http://android-developers.blogspot.com/2012/04/android-c2dm-client-login-key.html

4

3 に答える 3

3

I recently started setting up C2DM myself, and I had the same confusion you did when I saw the deprecation notice. My best understanding is that while Google is moving to OAuth 2 for most services, deprecating ClientLogin, C2DM still uses ClientLogin, so that's what you have to use in this case.

Rationale:

  • Absolutely everything in the (up-to-date and frequently updated) C2DM documentation explicitly refers to ClientLogin, strongly suggesting that the service is tied to this particular authorization method. ClientLogin is explicitly mentioned 11 times, while no mention is made to OAuth or to any other possible means of authentication.

In short, I believe that you must use ClientLogin for C2DM and should ignore the fact that it is deprecated for other Google services that are better served by OAuth. It doesn't appear that anything other than ClientLogin is intended to be used with C2DM in the foreseeable future.

于 2012-06-02T02:05:20.670 に答える
2

I think OAuth 2.0 is the way to go. I first used ClientLogin for C2DM, but found that there is no managment of issued authorization codes. Even when I revoked access using the Google Account Authorize Access page, I was still able to send messages to my device using authorization codes issued before! Furthermore, I didn't like the idea of storing Google credentials somewhere to obtain authorization codes.

OAuth 2.0 is slightly more complicated, but now that I understand it, I find it much more elegant than ClientLogin.

Basically one generates an OAuth Client ID, OAuth Client secret and a Refresh Token using Google's OAuth 2.0 Playground. These can be used to obtain (refresh) an Access Token that is valid for limited time (usually 1 hour). The Access Token is then used to send messages using C2DM.

I followed this tutorial to set it up, and it works like a charm!

于 2012-06-15T20:41:03.470 に答える
0

Did you see this Java example?

http://code.google.com/p/google-api-java-client/wiki/OAuth2Draft10

It's easy to understand in my opinion.

于 2012-06-02T02:11:55.780 に答える