The Android side realizes single Sign-on method detailed _android

Objective

Single sign-on SSO (Sign on) It's easy to say that in a multiple-system environment where a user logs in one place, they don't have to log on to another system, which means that a user's login can be trusted by all other systems. Single sign-on is very frequently used in large web sites, such as Alibaba, where there are hundreds of subsystems behind the site, user operations or transactions may involve the collaboration of dozens of subsystems, if each subsystem needs user authentication, not only users will be crazy, Subsystems are also going crazy over the logic of this repetitive authentication authorization. Implementing a single sign-on is ultimately about how to generate and store that trust, and then how other systems verify the validity of this trust, so the main points are the following two:

Store Trust

Verifying Trust

If a system does what it says at the beginning, and even if it's single sign-on, let's look at the way to achieve a single sign-on on the Android side.

Service side

The server needs to integrate token, each time the app is logged in to assign a new token to the app, and if the app delivery token is not up to date in an HTTP request, it's considered a need to log in (or set the token valid time according to the background you need, and expiration is considered token invalid, Need to log in again). Returns the agreed code in the case of token failure

Android Side Monitor

How does app know that it's already logged on to other devices, and there are generally three different ways to

Background return of specific code in 1.API request

This is the most common way, the disadvantage is that the next API request to know is kicked off the line, can be in the network layer entity model of the base class Basemodel processing, the code to judge

    Switch (code) {case
    1: Break
      ;
    Case 3://was kicked off the line
      //do something break
      ;
    }

2. Push and send

Background push to the app, so the app learned that the account in other devices logged in, and then perform the offline operation, the advantage is to be able to respond in time

3. Using a third party listener

Many times the app integrates some Third-party account systems, such as in a ring-letter app, where each user corresponds to the imusername of a ring letter, and the ring letter itself provides the connection status to the listener, listening to the user status of the ring letter, to monitor the app's own user system.

    Emclient.getinstance (). Addconnectionlistener (this);

Android is kicked off the line after the operation

No matter what kind of listening mode, the final operation is the same, you can according to their own needs for the corresponding operation. This provides a general process of off-line.

From the top of the stack to the current front desk activity,dialog prompts the user, click to jump login page

First, any place to get to the foreground activity

Public activity Gettasktop () {return
  Mactivities.get (Mactivities.size ()-1);
}

Then the main thread pops up dialog

private void Onconnectionconflict () {//kicked off
  sputils.logout ();
  Final activity tasktop = Activitymanager.getinstance (). Gettasktop ();
  if (tasktop = null) return;
  New Handler (Looper.getmainlooper ()). Post (new Runnable () {
    @Override public
    void Run () {
      Mddialogfactory.createmustokdia (Tasktop, "Your account is logged on to another terminal, please login again", new Mdcallback () {
        @Override public
        Void Onmdcall (@NonNull materialdialog Dialog, @NonNull dialogaction which) {
          Intent Intent = new Intent (Tasktop, Loginact Ivity.class);
          Intent.putextra (Constantkey.must_login_key, true);
          Tasktop.startactivity (intent);
        }
      ). Show ();}}
  );

Here's some instructions.

Because the supervisor hears to be kicked the offline environment not necessarily in the main thread, therefore needs to switch to the main thread to carry on the pop-up Dilaog

 New Handler (Looper.getmainlooper ()). Post (Runnable R)

Here the dialog is mandatory, not canceled (here dialog is custom, with the system is also OK, this is not the point)

 Builder.cancelable (false);
 Builder.canceledontouchoutside (FALSE);

Summarize

This is the full content of this article, I hope the content of this article for your Android developers can help, if you have questions you can message exchange.