Why is Android Browser denying me permission to callback from OAuth?
I am trying to get OAuth working for a service provider website. Everything goes well with the authentication until the callback. It's actually calling back with the proper URL (the one I specified both on the provider's registration site as well as the call to provider.retrieveRequestToken()
I am doing this:
provider.retrieveRequestToken(consumer, "my-app:///" );
And the URL I actually get back is exactly what I'd expect - "my-app:///?[a bunch of params including my access token]"
But at this point the browser says I do not have permission to access that URL. My manifest is set up like so:
<activity android:name=".Selector" android:label="@string/app_name"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> <intent-filter> <action android:name="android.intent.action.VIEW" /> <category android:name="android.intent.category.DEFAULT" /> <category android:name="android.intent.category.BROWSABLE" /> <data android:scheme="my-app"/> </intent-filter> </activity>
Am I missing something? Maybe a permission?
try adding the permission for internet access in your manifest.xml
<uses-permission android:name="android.permission.INTERNET" />
I've implemented an intent-based OAuth callback in SMS Backup+. From user feedback I've found that a few browsers (e.g. Opera Mini) won't actually handle non-http schemes correctly, so this could be the issue as well. Try in an emulator with a stock browser first.
Some phones (Droid X) even ship with broken browsers by default, so this method doesn't work reliably across devices. I'm currently looking for a better solution, an alternative would be to use OOB callback handling, but that's not very user-friendly.