This SDK is designed to work with Android SDK 26 and beyond.
Start by registering your application in the Uber Developer's Portal. Note the ClientID under the Application ID field.
In the Uber Developer Dashboard, under the Security section, enter your application's Bundle ID in the App Signatures text field and tap the plus icon.
Next, add your application's Redirect URI to the list of URLs under Redirect URIs. The format you need to use is [Your App's Bundle ID].uberauth://redirect. The redirect URI is strongly enforced to meet IETF standards IETF RFC.
To use the Uber authentication, add the implementation dependency with the latest version of the authentication module to your gradle file.
dependencies {
implementation 'com.uber.sdk2:authentication:x.y.z'
}In order for the SDK to function correctly, you need to add some information about your app. In your application, create a sso_config.json file to fill the following details that you added to the developer portal at app registration:
{
"client_id": "your_client_id",
"redirect_uri": "your_redirect_uri",
"scope": "your_app_scope" // separated with space
}
To authenticate your app's user with Uber's backend, use the UberAuthClient API. If you prefer the default case, use the UberAuthClientImpl.authenticate() call with an Activity or ActivityResultLauncher as parameter and a default AuthContext() object.
Upon completion, the result will be delivered to the activity that started the Uber authentication flow. For success, the result will be an UberToken object delivered via Intent as parcelable extra with key EXTRA_UBER_TOKEN.
| Property | Type | Description |
|---|---|---|
| authCode | String? | The authorization code received from the authorization server. If this property is non-nil, all other properties will be nil. |
| accessToken | String? | The access token issued by the authorization server. This property will only be populated if token exchange is enabled. |
| refreshToken | String? | The type of the token issued. |
| expiresIn | Int? | A token which can be used to obtain new access tokens. |
| scope | [String]? | A space separated list of scopes requested by the client. |
For failure, the result will contain an error message inside the Intent.
To authenticate with a more controlled/custom experience an AuthContext may be supplied to the login function. Use this type to specify additional customizations for the login experience:
- Auth Destination - Where the login should occur; in the native Uber app or inside your application.
- Auth Type - The type of grant flow that should be used. Authorization Code Grant Flow is the only supported type.
- PrefillInfo - Optional user information that should be prefilled when presenting the login screen.
- Prompt - Optional parameter to force login or consent
val context = AuthContext(
authDestination: authDestination, // CrossApp() or InApp
authType: AuthType, // AuthCode or PKCE()
prefill: prefill?
)
UberAuthClientImpl.authenticate(
context: Context, // activity context
activityResultLauncher: ActivityResultLauncher<Intent>, // launcher to launch the AuthActivity
authContext: AuthContext
)There are two locations or AuthDestinations where authentication can be handled.
InApp- Presents the login screen inside the host application using a secure web browser via Custom Tabs. If there are no browsers installed on the users device that support custom tab then authentication flow will launch the default browser app to complete the flow.CrossApp- Links to the native Uber app, if installed. If not installed, falls back to InApp. By default, native will attempt to open each of the following Uber apps in the following order: Uber Rides, Uber Eats, Uber Driver. If you would like to customize this order you can supply the order as a parameter toCrossApp(). For example:CrossApp(listOf(Eats, Rider, Driver))will prefer the Uber Eats app first, andCrossApp(Driver)will only attempt to open the Uber Driver app and fall back toInAppif unavailable.
val context = AuthContext(
authDestination: CrossApp(Rider) // Only launch the Uber Rides app, fallback to inApp
)
UberAuthClientImpl.authenticate(
context: Context, // activity context
activityResultLauncher: ActivityResultLauncher<Intent>, // launcher to launch the AuthActivity
authContext: AuthContext
)An Auth type supplies logic for a specific authentication grant flow. An Auth Provider that supplies performs the Authorization Code Grant Flow as specified in the OAuth 2.0 Framework. We perform authorization grant flow in two ways:
- AuthorizationCode - The authentication flow will return only the auth code back to the calling app. It is the calling app's responsibility to exchange it for Uber tokens.
- PKCE - The authentication flow will perform proof key code exchange after the auth code is received and return the
UberTokenobject to the calling app Note: authCode will be null as it has been used for the token exchange and is no longer valid.
If you would like text fields during signup to be pre-populated with user information you can do so using the prefill API. Partial information is accepted.
Supply the PrefillInfo parameter to AuthContext and this info will be used during authenticate call
val prefill = Prefill(
email: "[email protected]",
phoneNumber: "12345678900",
firstName: "Jane",
lastName: "Doe"
)
val authContext = AuthContext(prefillInfo = prefill)
UberAuthClientImpl.authenticate(
context: Context, // activity context
activityResultLauncher: ActivityResultLauncher<Intent>, // launcher to launch the AuthActivity
authContext: AuthContext
)The AuthContext accepts an optional prompt parameter that can be used to force the login screen or the consent screen to be presented.
Note: Login is only available for inApp auth destinations
// Will request login then show the consent screen, even if previously completed by the user
val prompt = Prompt.LOGIN
val context = AuthContext(
authDestination: authDestination, // CrossApp() or InApp
authType: AuthType, // AuthCode or PKCE()
prefill: prefill?,
prompt
)
When using the InApp auth destination, the sdk will is built to handle the callback deeplink in order to receive the users's credentials. To enable this the sdk assumes that the redirect uri mentioned in the developer portal for your app is ${applicationId}.uberauth://redirect.
Once handled, the calling activity will get the result back via intent as mentioned above.
Coming Soon