How can I use facebook authentication to access my web service from Android?

I'm working on an app which comprises of a web component and a mobile component - an end user can access the service directly via the web or via a mobile. I would like to have facebook based authentication for the service.

I have developed a simple facebook javascript SDK based login mechanism for the web interface. The server side determines which user is logged in via the cookies. This works fine.

From the Android side, I'd like the user to be able to log in with their facebook credentials to access services on the server side (not facebook specific services). I would like this to work by having the user present the same cookies with the request as are presented when using the javascript SDK.

Having looked at the documentation, it seems that there are more or less two options:

• use the facebook Android libraries to enable the mobile app to directly access facebook

• use mobile web to afford login to the services

Neither of the above is really what we want - the first is for direct facebook access from the Android app and does not really relate to a situation in which there is a web service; the second does not integr开发者_JAVA技巧ate with the native mobile app.

I'm guessing that folks must have done this before - any pointers on how to do this?

TIA,

Seán.

You could always develop your application using PhoneGap? It'll save you a load of time and enable you to use your existing FBC code.

I have the same scenario. I have a JSON service that I would like to call from my Android app but as an authenticated user.

Think about it this way. Normally a web service would have some kind of authentication, not necessarily different for every user. So why not conceptually separate out the authentication with Facebook and the authentication with the web service.

The app controls what a user can do and see and thus controls the authentication. If the login to Facebook fails then the app denies the user access to the service.

On the web service side you could just require an api key which you issue to the app like any other api. This key initialises a session so that each device will have a separate session id but they would all use the same api key. Alternatively the email address provided from Facebook could be used as a username together with the api key to initiate a session.

Any thoughts?