Android Webview Facebook Login
In my app, I want to make users be able to login with their Facebook account. After some searches, I am able to figure out this although I don't think this way is the best method. I used a webview in my UI, and a webviewclient to sense url switchings. As I understand, On Android, I must handle all redirections in my webviewclient (Facebook redirections, several redirections happen when user set the his/her email and password). But all I need is to parse my output xml and make a decision according to output result(redirect to my home activiy or failure etc). Here is my code, Please give your suggestions if more suitable method exists.
public class FbLoginActivity extends Activity {
String fbLoginBaseUrl = "{my server url}/facebook/redirector.jsp?";
private ProgressDialog progressBar;
WebView webView;
int count = 0;
/** Called when the activity is first created. */
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.fb_login);
fbLoginBaseUrl += "usdId=NoSession:";
fbLoginBaseUrl += Subroutines.getInstance().getDeviceId() + "_L";
webView = (WebView) findViewById(R.id.webview);
webView.getSettings().setJavaScriptEnabled(true);
webView.getSettings().setCacheMode(WebSettings.LOAD_NO_CACHE);
progressBar = ProgressDialog.show(FbLoginActivity.this, "", "Page is loading...");
webView.setWebViewClient(new HelloWebViewClient());
webView.loadUrl(fbLoginBaseUrl);
}
private class HelloWebViewClient extends WebViewClient {
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
view.loadUrl(url);
Log.v(Subroutines.TAG, url);
return true;
}
@Override
public void onPageFinished(WebView view, String url) {
Log.i(Subroutines.TAG, "Finished loading URL: " +url);
// if login screen loading finishes, cancel the progressdialog..
// twice redirecting happens to this sub url..
String subFace = "m.facebook.com/login.php";
if(url.indexOf(subFace) != -1 && ++count == 2){
if (progressBar.isShowing()) {
progressBar.cancel();
}
}
// Permission redirecting..
String loginSub = "www.facebook.com/connect/uiserver.php?method=permissions.request";
if(url.indexOf(loginSub) != -1){
progressBar = 开发者_C百科ProgressDialog.show(FbLoginActivity.this, "", "Logging in...");
}
// finally if my server makes a response..
String sub = "{my server url}/facebook/connect.jsp";
if(url.indexOf(sub) != -1){
Log.v(Subroutines.TAG, "my server makes a response..");
// xml parsing stuff..
// use url content to parse
}
}
@Override
public void onReceivedError(WebView view, int errorCode, String description, String failingUrl) {
Log.e(Subroutines.TAG, "Error: " + description);
}
}
}
I would get the Facebook SDK and use their functions
In a nutshell you do this:
public Facebook facebook = new Facebook("appID");
Then in on create or wherever:
facebook.authorize(this,String[] YourNeededPermissions, new DialogListener() {
@Override
public void onComplete(Bundle values) {}
@Override
public void onFacebookError(FacebookError error) {}
@Override
public void onError(DialogError e) {}
@Override
public void onCancel() {}
});
You can see this here: http://developers.facebook.com/docs/guides/mobile/#android
I have actually a similar problem in integrating the facebook registration with my own (but I'm not the android developer). I asked the question here Facebook registration flow from Android but I didn't know about the webview. That seems a good solution, can I contact you by chat or other means?
EDIT: Facebook just updated their login procedure: https://developers.facebook.com/docs/offline-access-deprecation/ as you can see, now the token you get from SSO (or any other client token) is linked only to your application (there is a validation token-app id-app secret). The endpoint is now
https://graph.facebook.com/oauth/access_token?
client_id=APP_ID&
client_secret=APP_SECRET&
grant_type=fb_exchange_token&
fb_exchange_token=EXISTING_ACCESS_TOKEN
So using the facebook sdk for android the steps are: 1) get the user signed 2) send the token to the server 3) server will validate the token against its app id and app secret 4) add your own security features
精彩评论