Mobile login Support via services module

Could you please explain the process flow in this case? Cause I can't really imagine how it should work.

You need to have a browser to login the user via HybridAuth as it uses redirects to the authentication provider pages and then the provider redirects back to the Drupal site with HybridAuth.

So it might be impossible to use HybridAuth for the native application login.
Hope it helps.

AndyB

rakesh.nimje84@gmail.com
How do you do this task?
I have the same problem.

thanks

I think it's possible but I would need some direction from the maintainer. The way it works with other login-providers via services is the mobile app does the request to the service provider (Facebook/Twitter/etc) to get a token. The token is then passed to Drupal via Services and the magic happens from there.

So what if we had a service in Drupal that could take in a token, the provider name, and perhaps an email address? Could we initiate a login from there?

mstef: news about your idea ?

Thanks.

M.

Subscribing to this as I need this in my app too. Any news / progress in this area?

Rakesh Nimje (the person who posted this feature request) has sent me few files which can be a possible solution to this feature request. I would like to explore the possibilities and try to provide a patch. I have not provided any patch until now and this is going to be my first attempt at it.

I would like to know and make sure that there are no parallel feature requests similar to this, just to avoid any duplicate efforts.

gumdal,

Thank you for your work on this, waiting for the results.

Thanks
AndyB

Hi gundmal,

we are currently in need of the same functionality.
Would you be able to share your current code? Then we can work on a patch for hybridauth.

Thanks

Unfortunately I haven't been able to get hold of the code discussed in the previous comments, so we looked for a solution ourselves.
Attached is a patch for a hybridauth submodule, which is so far working fine for us (currently tested with one native Android app).
Apart from register and login actions the patch includes one more action to check if a profile exists already or not.

gumdal, any progress on this?

thomas.feichter - what version did you guys patch again?

Against the latest dev. But as it does not modify any existing files, it should also apply without any issues to 2.15

hello,
can You share an example how to use it?

So very sorry for not being active, I haven't really got an opportunity to work on this due to my inexperience in PHP coding. Let me know if I can be of any help, will try to tune to my Drupal notifications hereafter!

I have installed and enabled the patch in my drupal site. Three actions including login, register and profile_exists can be found in the services resources. But when I try to connect mysite/myapi/hybridauth/login from browser, '404 not found' is returned.

The hybridauth resource is checked and can be accessed by anonymous users. Do I miss anything?

I use HybridAuth 7.x-2.15, Services 7.x-3.16.
In addition, other services apis such as user/login work well.

After some struggles, the services finally work. I can call the profile_exists, login, and register services from my app. After tracing the code of this patch, I can not still figure out what parameters should I set when I call these services. For example, 'profile' and 'mail' should be passed to profile_exists for checking, but what value should be set for 'profile' field. Is the value of 'profile' something like the Facebook id returned by the OAuth? Any suggestions will be welcome. Thanks.

I tested the patch in comment #13 and it's working fine.

Thank you @thomas.feichter

This is great, what parameters do you use to call the service?

Sorry, I have missed the follow up questions.

Here is some basic sample code how to use the service in Android:

public void DrupalFacebookGooglePlusUserRegister(User user, String provider)
    throws IOException, XmlRpcException, XmlRpcFault {
  XmlRpcClient xmlrpc = new XmlRpcClient(XMLRPC, false);
  XmlRpcStruct params = new XmlRpcStruct();
  params.put("info", GetUserInfo(user));
  params.put("profile", GetFacebookOrGoogleProfile(user, provider));
  XmlRpcStruct res = (XmlRpcStruct) xmlrpc.invoke("hybridauth.register", new Object[] { params });
  res.toString();
}

private Map<String, Object> GetFacebookOrGoogleProfile(User user, String provider) {
  Map<String, Object> backgroundvec = new HashMap<String, Object>();
  backgroundvec.put("identifier", user.getId());
  backgroundvec.put("webSiteURL", "");
  backgroundvec.put("profileURL", user.getProfileUri().toString());
  backgroundvec.put("photoURL", user.getPhotoUri().toString());
  backgroundvec.put("displayName", user.getName());
  backgroundvec.put("description", "");
  backgroundvec.put("firstName", user.getFirstName());
  backgroundvec.put("lastName", user.getLastName());
  backgroundvec.put("gender", user.getGender());
  backgroundvec.put("language", "");
  backgroundvec.put("age", "");
  backgroundvec.put("birthDay", "");
  backgroundvec.put("birthMonth", "");
  backgroundvec.put("birthYear", "");
  backgroundvec.put("email", user.getEmail());
  backgroundvec.put("emailVerified", user.getEmail());
  backgroundvec.put("phone", "");
  backgroundvec.put("address", "");
  backgroundvec.put("country", "");
  backgroundvec.put("region", "");
  backgroundvec.put("city", "");
  backgroundvec.put("zip", "");
  backgroundvec.put("username", user.getName());
  backgroundvec.put("coverInfoURL", "");
  backgroundvec.put("provider", provider);
  backgroundvec.put("manual", "username,pass");
  backgroundvec.put("pass", user.getPassword());
  return backgroundvec;
}

private Object GetUserInfo(User user) {
  Map<String, Object> backgroundvec = new HashMap<String, Object>();
  backgroundvec.put("name", user.getName());
  backgroundvec.put("field_xyz", prepareParamForValue(user.getFieldXyz()));
  return backgroundvec;
}

public boolean CheckIfFacebookOrGooglePlusExists(String email,
    String provider) throws IOException, XmlRpcException, XmlRpcFault {
  XmlRpcClient xmlrpc = new XmlRpcClient(XMLRPC, false);
  XmlRpcStruct params = new XmlRpcStruct();
  params.put("mail", email);
  params.put("provider", provider);
  XmlRpcStruct res = (XmlRpcStruct) xmlrpc.invoke("hybridauth.profile_exists",
      new Object[] { params });
  return Boolean.parseBoolean(res.get("profile_exists").toString());
}

I tested the patch in comment #13 and it's working fine.

Thank you @thomas.feichter

Can anyone please tell what values should be sent in request body of postman to register or login via facebook or google for mobile app?

For anyone asking about how to use this patch through javascript. We have 3 endpoints
hybridauth/login (POST Request)
hybridauth/register (POST Request)
hybridauth/profile_exists (POST Request)

1- Login & Register request structure

{
  "profile" : {
    "provider": "Facebook", // Twitter, Google
    "identifier": "1064463893111111", // Replace this with social account id
    "profileURL": "https://www.facebook.com/1064463893111111",   
    "firstName" : "hakona",
    "lastName": "Matata",
    "gender": "male",
    "birthday": "05/17/1992",
    "email" : "yourmail@gmail.com",
    "photoURL": "http://....png"  
  }
}

2- Profile Exists request structure

{
  "mail" : "yourmail@gmail.com",
  "provider" : "Facebook" // Google, Twitter
}

Thank you @thomas.feichter for your work. I am trying to integrate the same into my website. Using postman client I am able to successfully test 'profile_exists' action with Consumer key authentication at app level.

However, I do not really understand how login / register works? I tested that registration works too with a JSON payload supplied to 'register' action (just like explained in #27), but I have the following questions:

1. How to fetch user's identifier, first name, last name, email, date of birth etc. from Facebook in a native app? Usually user will explicitly authorise the app to fetch his/her information from facebook, do we have to fetch this information and use it to create a new user account in Drupal?
2. Once registered, how do I login each time user opens the app? There should be some token mechanism if I am not wrong? I sure should not be asking for password here since the login should be authenticated by facebook as login service provider.
3. Registration response body gives me the following data, is there something which I should be using for subsequent login from the below data?

{
    "uid": "101",
    "hostname": "106.xx.yy.zz",
    "roles": {
        "1": "anonymous user",
        "2": "authenticated user"
    },
    "cache": 0,
    "name": "hakona Matata",
    "pass": "$S$DYBXd5vsBtwbfGq5kbIoDspFTcu9Gby4321c5pdD7lMSDxWisVgO",
    "init": "hakona Matata",
    "status": 1,
    "access": 1511292000,
    "mail": "test@gmail.com",
    "data": {
        "hybridauth": {
            "provider": "Facebook",
            "identifier": "1064463893111111",
            "profileURL": "https://www.facebook.com/1064463893111111",
            "firstName": "hakona",
            "lastName": "Matata",
            "gender": "male",
            "birthday": "05/17/1992",
            "email": "test@gmail.com",
            "photoURL": "http://....png"
        }
    },
    "created": 1511292000,
    "theme": "",
    "signature": "",
    "login": 280281600,
    "language": "",
    "picture": null
}

Any help would be thoroughly appreciated while I do my research in this front and I will document my findings here in the interim. Guess we will have to volunteer for proper documentation of this patch too.

I am not sure if I am using the patch right, but when I try to login with 2 different users through this patch I am getting the session information of some other logged in user. Please have a look at the images from Postman client:

As you can see above, the response of both logins with different users gives me same session information.

Am I doing it wrong? For now I am changing the status back to "Needs work" but please feel free to update it in case if I am wrong! Also, am upgrading the priority as this thread seems to have some major attention.