I have an Android app that needs to load data into an API (the API will then store the data in a MySQL database). I would like to use the Federated login (Google) or OpenID registration procedure so that the user does not need to register the email address + password for my application, but rather use Google (or another account) that is stored in AccountManager.
Until the beginning of this year, the solution used GAE, according to the well-known recipe Nick Johnson. But since Google started charging for the use of GAE, this is no longer a viable solution. PLEASE DO NOT RECOMMEND USING GAS.
Has anyone managed to solve the authentication problem using Federated Login OR OpenID, and then get authorization on the third-party (your) web server API?
NOTE. OAuth will be a simple authorization solution, except that it will rely on interaction (from a trusted point of view) with a previously authenticated consumer, which is not the case when you authenticate an application user (on a mobile device) using FedLogin or OpenID. OAuth works if my application (mobile + web server) authenticates the user (and I keep the username + password), which is EXACTLY what I'm trying to avoid), but not if Google (or FB) does it for you.