Best way to use Google APIs using OAuth 2.0 on Android

Question

I\'m trying to migrate an Android application using OAuth 1.0a to OAuth 2.0. (using the Google API Client Library for Java/Android for my OAuth 2.0 needs).

What is the

Answer 1

Play Services were introduced at Google I/O 2013 and are now the official way to use OAuth2 in Android. They do not require a WebView.

Answer 2

I ended up using a WebView component to load up the Google Authorization URL. Using a WebviewClient, I was able to intercept the pages being loaded into the Webview, and as such, when the user accepts or denies the authorization request, I was able to continue the flow.

If the user accepts, the URL that Google redirects to contains a "code" request param, and the application is able to exchange it for an OAuth 2.0 token. If the user does not accept, the URL that Google redirects to contains a "error" request param, and the application can handle the non-happy scenario.

I've written down everything in a blog post : Oauth 2.0 flow in Android

The post also contains a sample Android app using the OAuth 2.0 flow with the Latitude API. Sample code is available in GitGub.