I've got identity toolkit set up for my android app almost completely -- I just need help setting up the endpoint for the link "Trouble Signing In" when authenticating with a username & password.
I've tried (to no avail) to follow the steps enumerated here.
I've noticed a couple weird things:
1) The request sent to my endpoint on the back end is actually a GET request as opposed to the POST I was expecting (as per the aforementioned docs).
2) When the request gets to my server, after calling
OobResponse oobResponse = getGitkitClient().getOobResponse(request);
I put a bunch of the oobResponse properties into my response (using Spring Boot, so I just return a jsonified Map). Here are the values I get:
{"newEmail": null,"oobResponse":"{\"error\": \"unknown request\"}","email": null,"action": null,"recipient": null}
This json object displays on my device after I click the "Trouble signing in" link.
Here's some more of my configuration if it's pertinent:
Android manifest file contains the lines:
...
<meta-data
android:name="identitytoolkit.show_providers"
android:value="Facebook,Google" />
<meta-data
android:name="identitytoolkit.use_google_plus"
android:value="false" />
<meta-data
android:name="identitytoolkit.api_key"
android:value="myKey" />
<meta-data
android:name="identitytoolkit.server_client_id"
android:value="myClientId" />
<meta-data
android:name="identitytoolkit.server_widget_url"
android:value="https://example.com/callback" />`
...
In the Google Developer Console for the Identity Toolkit API, here is how my URL Configuration is set up:
Widget URL: https://example.com/callback
Sign-in Success URL: https://example.com/signInSuccess
Sign-out URL: https://example.com/signOut
Send email URL: https://example.com/sendEmail
Here are my Web Client URLs:
Authorized JavaScript origins: http://example.com
Authorized Redirect URIs: https://example.com/callback
Any ideas, hints, or links to good tutorials that you know about? This is one of the last few things I need to finish before I release, please help!
Update:
After trying to fiddle around with the problem some more, I suspect my problem may be caused by the fact that I'm using Spring Boot. The request that Google says they expect is the javax.servlet.http.HttpServletRequest, while Spring Boot uses the org.springframework.web.context.request.WebRequest. I've found and included the javax.servlet.http.HttpServletRequest .jar and I now accept that type of request in the method's signature that corresponds to the /callback path. I've also tried setting the type of the request in the signature to the WebRequest and casting it to the HttpServletRequest type when calling:
OobResponse oobResponse = getGitkitClient().getOobResponse((HttpServletRequest) request);
This is still not working. :(
<meta-data
android:name="identitytoolkit.server_widget_url"
android:value="**https://example.com/sendEmail**" />
The value should be your Widget URL, not your send email endpoint.
Here is the official step by step tutorial on using Identity Toolkit in Android. Hope this helps!