7

I develop an android application that needs to allow read/write access to user's google drive. In addition, it is supposed to run on public devices (meaning that many people might use same device to access their google drive account). In such circumstances, it is unacceptable to add each user's account to Android Account Manager. Unfortunately, all official guides, use the authentication with the google account registered on device. The popup of selecting existing google accounts from device or adding a new one appears.

protected void onStart() {
        super.onStart();
        if (mGoogleApiClient == null) {
            mGoogleApiClient = new GoogleApiClient.Builder(this)
                    .addApi(Drive.API)
                    .addScope(Drive.SCOPE_FILE)
                            // Optionally, add additional APIs and scopes if required.
                    .addConnectionCallbacks(this)
                    .addOnConnectionFailedListener(this)
                    .build();
        }
        mGoogleApiClient.connect();
    }



    /**
     * Called when {@code mGoogleApiClient} is trying to connect but failed.
     * Handle {@code result.getResolution()} if there is a resolution
     * available.
     */
    @Override
    public void onConnectionFailed(ConnectionResult result) {
        Log.i(TAG, "GoogleApiClient connection failed: " + result.toString());
        if (!result.hasResolution()) {
            // Show a localized error dialog.
            GooglePlayServicesUtil.getErrorDialog(
                    result.getErrorCode(), this, 0, new OnCancelListener() {
                        @Override
                        public void onCancel(DialogInterface dialog) {
                            retryConnecting();
                        }
                    }).show();
            return;
        }
        // If there is an existing resolution error being displayed or a resolution
        // activity has started before, do nothing and wait for resolution
        // progress to be completed.
        if (mIsInResolution) {
            return;
        }
        mIsInResolution = true;
        try {
            result.startResolutionForResult(this, REQUEST_CODE_RESOLUTION);
        } catch (SendIntentException e) {
            Log.e(TAG, "Exception while starting resolution activity", e);
            retryConnecting();
        }
    }

What is the workaround? I need to login to google account (actually only to the drive) without saving the account on the device. I just need to login and logout when finished, without leaving any personal info on the device. How can I do it?

user2924714
  • 1,918
  • 1
  • 19
  • 26
  • you could instead use a Web flow in an embedded browser. but you would need to clear the cache every time – Zig Mandel Oct 18 '15 at 12:30
  • Are you sure there is no way to achieve what I want, using google drive android api? – user2924714 Oct 18 '15 at 12:47
  • no im not sure. its an alternative. – Zig Mandel Oct 18 '15 at 12:52
  • 1
    I would appreciate if any of the Google Engineers could answer this question, so that I know for sure there is no other way except the WebFlow. Meanwhile I've tried to use also GoogleAuthUtil.getToken(mActivity, mEmail, mScope); But it throws the GoogleAuthException with message BadUsername if I provide an email that is not registered on the device. There is also no place in the API, where I can pass some kind of password for the authentication – user2924714 Oct 18 '15 at 13:09
  • I don't see anything in this guide, and never seen an app that does that. thus seems a webview is your only choice cordova-style. https://developers.google.com/identity/sign-in/android/start-integrating and about clearing the webview cache see http://stackoverflow.com/q/26754884/2213940 not making an answer as im no android expert – Zig Mandel Oct 18 '15 at 13:15
  • Thank you for your help. Still hope getting an answer from the google android expert. If not, I'll proceed with your advise. – user2924714 Oct 18 '15 at 13:44
  • Did you find a solution to this? I have started to see that some devices (that are not using Android) is displaying the accounts, but it more looks like they are fetching the directories and files and displaying it that way only. But I haven't found any solution on the android device without using own calls to the API and handle it that way. – Andreas Mattisson Oct 24 '16 at 11:37

1 Answers1

1

It is not possible. Only accounts registered on the device (authenticated by users themself) can be selected/used to connect to GooDrive. Even if you can use construct like:

mGoogleApiClient = new GoogleApiClient.Builder(this)
                    .addApi(Drive.API)
                    .addScope(Drive.SCOPE_FILE)
                            // Optionally, add additional APIs and scopes if required.
                    .addConnectionCallbacks(this)
                    .addOnConnectionFailedListener(this)
                    .setAccountName([SOME_EMAIL@GMAIL.COM])
                    .build();

(please notice the .setAccountName([SOME_EMAIL@GMAIL.COM])), the email still HAS TO BE one of the device registered accounts. The app can't address any accounts the user her/himself did not authenticate, it would be security no-no, right?

Good Luck

seanpj
  • 6,735
  • 2
  • 33
  • 54
  • 1
    it is security problem only if the app doesn't ask for the password. What I've expected is that there will be an ability to get from the user his gmail and his password, and then to create a secured connection to the account. In my case, the app should run on public device, so it is a security problm to add each user account to the device- as soon as I add an account, it starts to synchronize the mails, the calendar. And I just want the Google drive. So adding the account to a public device creates a privacy problem – user2924714 Oct 20 '15 at 05:55
  • I'm not a Googler, just a developer like you. What I posted was my knowledge from my experience / testing. Did not find anything in the GDAA that would work the way you describe. Maybe a different API. – seanpj Oct 20 '15 at 11:30