1. Develop secure authentication for Android mobile applications
  2. View the Sample Mobile Application Log

View the Sample Mobile Application Log

The Android sample application logs the information about authenticating a user.

To see the logs, in Android Studio, click the Run tab at the bottom of the window. You can download an example of a log from the download section.

The sample application log shows the following steps in the user authentication process.

Contact Oracle Identity Cloud Service for the first time: 

"...
[OMOICMobileSecurityConfiguration] Downloading openID well known configuration from URL:...
..."

Call the Oracle Identity Cloud Service Authentication API: 

"...
[OMMobileSecurityService] Authenticate API called for first time after app launch -> Removing session cookies
...
[OAuthConnectionsUtil] This is openID Configuration Use case
...
[DefaultStateTransition] getInitialState authScheme : OPENIDCONNECT10 TYPE : OAUTH20_AC_SERVICE
..."

Verify the configured browser mode:

"...
[OAuthAuthorizationCodeService] Creating Challenge for browser mode: EMBEDDED
[OAuthAuthorizationCodeService] Challenge : type : EMBEDDED_WEBVIEW_REQUIRED
.."

The browser calls Oracle Identity Cloud Service authorization endpoint: 

"...
[oracle.idm.mobile.auth.webview.OAuthWebViewConfigurationHandler] Loading login load  URL in the webview
..."

The message is followed by Oracle Identity Cloud Service's authorization endpoint URL.

Oracle Identity Cloud Service presents the sign-in page in the browser: 

"...
[oracle.idm.mobile.auth.webview.OAuthWebViewConfigurationHandler] onPageStarted:
..."

The message is followed by the Oracle Identity Cloud Service's sign-in page URL.

After successful sign-in, the browser closes and the control returns to the application.

The application contacts the Oracle Identity Cloud Service token endpoint to exchange the authorization code that was sent by Oracle Identity Cloud Service: 

"...
[OAuthAuthorizationCodeService] onAuthZCode
[OAuthConnectionsUtil] getBackChannelRequestForAccessToken :  grantType : AUTHORIZATION_CODE
...
[OMConnectionHandler]  http method              : POST
[OMConnectionHandler]  http request URL             
..."

The last message is followed by Oracle Identity Cloud Service's token endpoint URL.

The SDK for Android Applications creates a session for the user:

"...
[AuthenticationServiceManager.AuthenticationAsyncTask] Authentication context status : SUCCESS
..."

The application can use the token that is present in the SDK for Android Applications session to make other REST API calls to Oracle Identity Cloud Service endpoints: 

"...
[OpenIDConnect10AuthenticationService] Access token(s) valid : true
[OpenIDConnect10AuthenticationService] OpenId token not expired!
...
[OAuthAuthorizationService] Method: GETrequested on URL
..."

The message is followed by either the Oracle Identity Cloud Service MyApps or the MyGroups endpoint URL. This message appears only if you click the MyApps or MyGroups button in the application UI.