Overview

There are over 500 million registered HUAWEI ID users across the globe. HUAWEI ID enables users to sign in to an app with just a tap. By binding your apps to HUAWEI ID, you can attract new users, by leveraging the enormous HUAWEI ID user base. HUAWEI ID complies with the OAuth 2.0 and OpenID Connect protocols.
To use HUAWEI ID, you will need to:

• Register a HUAWEI ID on the HUAWEI Developer. Then, create an app, configure the app information, and enable the HUAWEI ID service on the HUAWEI Developer Console.
• Create a project with Android Studio IDE, and configure the SDK on which HUAWEI ID depends.
• Implement HUAWEI ID API calls and debugging, by referring to the HUAWEI ID development guide.

What You Will Create

In this codelab, you will use the demo project that has been created for you, to call HUAWEI ID APIs. Through the demo project, you will:

• Experience the HUAWEI ID authorization and sign-in process.
• Obtain basic user information such as the user ID, nickname, and profile picture from HUAWEI ID.
• Cancel authorization to an app, through the authorization cancellation API.

What You Will Learn

• How to create an app on HUAWEI Developer.
• How to enable the HUAWEI ID service.
• How to import the HUAWEI ID service SDK.
• How to call HUAWEI ID service APIs.

Hardware Requirements

• A computer (desktop or laptop) that runs the Windows 10 operating system
• A HUAWEI mobile phone with HMS Core (APK) 4.0.0.300 or later, to be used for demo project running and service debugging.

Software Requirements

• Android Studio 3.X
• JDK 1.8 and later
• SDK Platform 26 and later
• Gradle 4.6 and later

HUAWEI HMS Core integration requires the following preparations

• Creating an AGC Application.
• Creating an Android Studio Project.
• Generating a signature certificate.
• Generating a signature certificate fingerprint.
• Configuring the signature certificate fingerprint.
• Adding the application package name and save the configuration file.
• Configure the Maven address and AGC gradle plug-in.
• Configure the signature file in Android Studio.

For details, see the HUAWEI HMS Core Integration Preparation.

1. In HUAWEI Developer AppGallery Connect, go to Develop > Overview > Manage APIs.
   
2. Enable HUAWEI Account Kit.
   

Now, you have successfully enabled HUAWEI Account Kit for your app.

Adding Configuration File

1. In HUAWEI Developer AppGallery Connect, click the app that you have created and go to Develop -> Overview. In the Product information section, click Set.
   
2. Set the app data storage location as needed, and click OK.
   
3. In the App information section, download the agconnect-services.json file.
   
4. Move the downloaded agconnect-services.json file to the root directory of the app module in your Android Studio project.
   

Configuring the Maven Repository Address for HMS SDK.

1. Open the build.gradle file in the app directory.
   
2. Add compile dependencies to "dependencies" and replace {version} with the current HMS SDK version number, which is 4.0.0.300.

   dependencies {
       implementation 'com.huawei.hms:hwid:{version}'
   }
   
   

3. Click Sync Now to synchronize your project.
   

Configuring Obfuscation Scripts

1. Open proguard-rules.pro, the obfuscation configuration file of your Android Studio project.
2. Add obfuscation configurations.

   -ignorewarnings 
   -keepattributes *Annotation* 
   -keepattributes Exceptions 
   -keepattributes InnerClasses 
   -keepattributes Signature 
   -keepattributes SourceFile,LineNumberTable 
   -keep class com.hianalytics.android.**{*;} 
   -keep class com.huawei.updatesdk.**{*;} 
   -keep class com.huawei.hms.**{*;} 
   
   

3. If you have used AndResGuard, add the AndResGuard whitelist to the obfuscation configuration file

   "R.string.hms*", 
   "R.string.connect_server_fail_prompt_toast", 
   "R.string.getting_message_fail_prompt_toast", 
   "R.string.no_available_network_prompt_toast", 
   "R.string.third_app_*", 
   "R.string.upsdk_*", 
   "R.layout.hms*", 
   "R.layout.upsdk_*", 
   "R.drawable.upsdk*", 
   "R.color.upsdk*", 
   "R.dimen.upsdk*", 
   "R.style.upsdk*",
   "R.string.agc*"
   
   

Scenarios that involve interaction with HUAWEI ID APIs include: sign-in, silent sign-in, sign-out, and authorization cancellation. In this codelab, you can create the UI in your Android Studio project, by referring to the following UI layout.

Signing in with the ID Token Method

ID Token Process

1. The user taps the HUAWEI ID sign-in icon and requests to sign in with a HUAWEI ID.
2. HMS SDK displays the user sign-in and authorization page, explicitly notifying the user of the content to be authorized, based on the authorization scope carried in the sign-in request.
3. After the user manually authorizes the app to access the content in question, HMS SDK returns the ID Token information to the app.
4. The app verifies the ID Token locally or from the Huawei ID server.

ID Token Sample Code

1. Display the HUAWEI ID sign-in icon.

The app displays the HUAWEI ID sign-in icon on the sign-in page. For details about the icon specifications, please refer to Huawei Icon Specifications.

2. Call the setIdToken method of HuaweiIdAuthParamsHelper to request authorization.

   HuaweiIdAuthParams mHuaweiIdAuthParams;
   mHuaweiIdAuthParams = new HuaweiIdAuthParamsHelper (HuaweiIdAuthParams.DEFAULT_AUTH_REQUEST_PARAM). setIdToken().createParams();
   
   

3. Call the getService method of HuaweiIdAuthManager to initialize the HuaweiIdAuthService object.

   HuaweiIdAuthService mHuaweiIdAuthService = HuaweiIdAuthManager.getService (HuaweiIdActivity.this, mHuaweiIdAuthParams);
   
   

4. Call the getSignInIntent method of HuaweiIdAuthService and display the HUAWEI ID sign-in and authorization page.

   startActivityForResult(mHuaweiIdAuthService.getSignInIntent(), Constant.REQUEST_SIGN_IN_LOGIN);
   
   

5. Process the sign-in result after successful authorization.

   protected void onActivityResult(int requestCode, int resultCode, Intent data) {
       super.onActivityResult(requestCode, resultCode, data);
       if (requestCode == Constant.REQUEST_SIGN_IN_LOGIN) {
           //login success
           //get user message by parseAuthResultFromIntent
           Task< AuthHuaweiId> authHuaweiIdTask = HuaweiIdAuthManager. parseAuthResultFromIntent(data);
           if (authHuaweiIdTask.isSuccessful()) {
               AuthHuaweiId huaweiAccount = authHuaweiIdTask.getResult();
               Log.i(TAG, "signIn success " + huaweiAccount.getDisplayName());
           } else {
               Log.i(TAG, "signIn failed: " + ((ApiException) authHuaweiIdTask.getException()).getStatusCode());
           }
       } 
   }
   
   

Signing in with the Authorization Code Method

HUAWEI ID also supports user sign-in with an Authorization Code. However, it only applies to apps that run on independent developer servers.

Authorization Code Process

1. The user taps the HUAWEI ID sign-in icon, and requests to sign in with a HUAWEI ID.
2. HMS SDK displays the user sign-in and authorization page, explicitly notifying the user of the content to be authorized based on the authorization scope carried in the sign-in request.
3. After the user manually authorizes the app to access the content in question, HMS SDK returns the Authorization Code information to the app.
4. Based on the Authorization Code, the app obtains the Access Token, Refresh Token, and ID Token from the Huawei ID server.
5. If the ID Token has expired, obtain the new Access Token or ID Token by using the Refresh Token.

Authorization Code Sample Code

1. Display the HUAWEI ID sign-in icon.

The app displays the HUAWEI ID sign-in icon on the sign-in page. For details about the icon specifications, please refer to Huawei Icon Specifications.

2. Call the setAuthorizationCode method of HuaweiIdAuthParamsHelper to request authorization.

   HuaweiIdAuthParams authParams= new HuaweiIdAuthParamsHelper (HuaweiIdAuthParams.DEFAULT_AUTH_REQUEST_PARAM). setAuthorizationCode().createParams();
   
   

3. Call the getService method of HuaweiIdAuthManager to initialize the HuaweiIdAuthService object.

   HuaweiIdAuthService service = HuaweiIdAuthManager.getService (MainActivity.this, authParams);
   
   

4. Call the getSignInIntent method of HuaweiIdAuthService and display the HUAWEI ID sign-in and authorization page.

   startActivityForResult(service.getSignInIntent(), Constant.REQUEST_SIGN_IN_LOGIN_CODE);
   
   

5. Process the sign-in result after successful authorization.

   protected void onActivityResult(int requestCode, int resultCode, Intent data) {
       super.onActivityResult(requestCode, resultCode, data);
       if (requestCode == Constant.REQUEST_SIGN_IN_LOGIN_CODE) {
           //login success
           Task< AuthHuaweiId> authHuaweiIdTask = HuaweiIdAuthManager. parseAuthResultFromIntent(data);
           if (authHuaweiIdTask.isSuccessful()) {
               AuthHuaweiId huaweiAccount = authHuaweiIdTask.getResult();
               Log.i(TAG, "signIn get code success.");
           } else {
               Log.i(TAG, "signIn get code failed: " + ((ApiException) authHuaweiIdTask.getException()).getStatusCode());
           }
       }
   }
   
   

6. The app client reports the obtained Authorization Code to the app server, which will call the API at /oauth2/v3/token to request the ID Token, Access Token, and Refresh Token from the Huawei ID server.

Request example:

POST /oauth2/v3/token HTTP/1.1 
Host: oauth-login.cloud.huawei.com 
Content-Type: application/x-www-form-urlencoded 
grant_type=authorization_code& 
code=ANXxSNjwQDugOnqeikRMu2bKaXCdlLxn& 
client_id=12345& 
code_verifier=123444444dfd4sadfsdwew321454567587658776t896fdfgdscvvbfxdgfdgfdsfasdfsdgd233& 
redirect_uri=hms%3A%2F%2Fredirect_uri& 
need_open_uid=true

Response example:

HTTP/1.1 200 OK 
Content-Type: application/json;charset=UTF-8 
Cache-Control: no-store 
Pragma: no-cache 
  
{ 
"access_token": "CFyJ21sNODl16eV9y2vu3CwQk9DBr32BkOcxxgAd7MZUR5th1giyTk5\/kA+QDAyxou+\/5U2zzBRcf3qgLkkFdtbbC+mM3zFV7xj7CCEMHc5Tw92al0Y=", 
"refresh_token": "CF13G0sRaGybtYt7SIyeUILNORtTFwMgz4ao5C7j7vtgLPt6ogmXKjdI8RS\/YlyS71z4DyP6kEMnOrRlmNK0KhdOUNWd+qVLLRsEEHkqRIKpuAkPvL8=", 
    "expires_in": 3600, 
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjExOGRmMjU0YjgzNzE4OWQxYmMyYmU5NjUwYTgyMTEyYzAwZGY1YTQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiI3ODI0NTY2Njc4OTgtc2M0MzE3Y2l0NGEwMjB0NzdrbGdsbWo1ZjA4YWtnMWIuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiI3ODI0NTY2Njc4OTgtN2NkNGJpYWRkaGVwNGc4cnZic2VlOGtwcDA5Zm1hNzIuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDE3MTIxMzkwMzgwNDE2MDc0MTQiLCJlbWFpbCI6Inh1ZXpoZW5odWF0anVAc2luYS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwicGljdHVyZSI6Imh0dHBzOi8vbGg1Lmdvb2dsZXVzZXJjb250ZW50LmNvbS8tMm9lTTllT09zNTAvQUFBQUFBQUFBQUkvQUFBQUFBQUFBQkkvMVpOSC0xdmxxc3cvczk2LWMvcGhvdG8uanBnIiwiaWF0IjoxNTYxNDUxMTUyLCJleHAiOjE1NjE0NTQ3NTJ9.Eo9IHMkid596jvt1YYzNsRtDq9c9K9dbougkU41Noh7TXNiko86_RuWwHID6k1kDg398AwC3wwH-t2hLcUjgrXPNd9XYU96Jp4-UxdDszP6ywEJgvvBCyTHzsi2auvKt_MnfSrs3qOKfh7noJvXq8AY-Hi3vqSUks5kGqbZKVzCHhBDO3RD9Fs9YHsB6w0XVKZojPOBDaAT_TiijoChn-Q-e8NbSGUx52OgeH-Nw5lOj6JVb_7fb6ucWRzlhiQuzFjklevLVw2pjw1MxKbl1vfRp0X699uZBVjgl9hj1L7LSDObuPzLiXF7ojji5JKYC6zIwAtZQUZ_VUmSk01GDLQ", 
    "scope": "openid profile email", 
"token_type": "Bearer", 
"open_id": "MDFAMzAwMDUxODgzQDNiaODc3NTkzNGRlNmNiaMzBlNmQ2YjAzNTgzNTJhMDNjQDkwMGQwYTY1NmE1NmNlNTU1M2EzMWY3Y2VmZWQwOGJlYTRkZTU4ZjM5YWFmOWNhNTk0ODEyZA", 
}

7. The Access Token has a short validity period (currently, 60 minutes). When the Access Token obtained has expired or is about to expire, request the new Access Token from the Huawei ID server by sending the Refresh Token through the API at /oauth2/v3/token.

Request example:

POST /oauth2/v3/token HTTP/1.1 
Host: oauth-login.cloud.huawei.com 
Content-Type: application/x-www-form-urlencoded 
  
grant_type=refresh_token& 
client_id=12345& 
client_secret=bKaZ0VE3EYrXaXCdCe3d2k9few& 
refresh_toekn=CF2Mm03n0aos9iZZ8nIhfyDtoXy74CXeBi50gVVhMpB0IUzlv9ZwizEvTBhVoF820ZPim0JwNR9j2p1qgEQWnIVYZRlp4T6ezMgekUnsHBkvNev5rd2MdfQMLP

Response example:

HTTP/1.1 200 OK 
Content-Type: application/json;charset=UTF-8 
Cache-Control: no-store 
Pragma: no-cache 
  
{ 
"access_token": "CFyJ4J\/l6wuwcFqYOJG4maq2ca8RAV+g0i+mel6qCV5lvqH0PYtW0+BNwfHWg0AqMnW6ZdBvUgs7ijkxMFh1xVP\/B+vQXz3PWsivkKCuL78XtbLt7vs=", 
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjExOGRmMjU0YjgzNzE4OWQxYmMyYmU5NjUwYTgyMTEyYzAwZGY1YTQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiI3ODI0NTY2Njc4OTgtc2M0MzE3Y2l0NGEwMjB0NzdrbGdsbWo1ZjA4YWtnMWIuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiI3ODI0NTY2Njc4OTgtN2NkNGJpYWRkaGVwNGc4cnZic2VlOGtwcDA5Zm1hNzIuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDE3MTIxMzkwMzgwNDE2MDc0MTQiLCJlbWFpbCI6Inh1ZXpoZW5odWF0anVAc2luYS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwicGljdHVyZSI6Imh0dHBzOi8vbGg1Lmdvb2dsZXVzZXJjb250ZW50LmNvbS8tMm9lTTllT09zNTAvQUFBQUFBQUFBQUkvQUFBQUFBQUFBQkkvMVpOSC0xdmxxc3cvczk2LWMvcGhvdG8uanBnIiwiaWF0IjoxNTYxNDUxMTUyLCJleHAiOjE1NjE0NTQ3NTJ9.Eo9IHMkid596jvt1YYzNsRtDq9c9K9dbougkU41Noh7TXNiko86_RuWwHID6k1kDg398AwC3wwH-t2hLcUjgrXPNd9XYU96Jp4-UxdDszP6ywEJgvvBCyTHzsi2auvKt_MnfSrs3qOKfh7noJvXq8AY-Hi3vqSUks5kGqbZKVzCHhBDO3RD9Fs9YHsB6w0XVKZojPOBDaAT_TiijoChn-Q-e8NbSGUx52OgeH-Nw5lOj6JVb_7fb6ucWRzlhiQuzFjklevLVw2pjw1MxKbl1vfRp0X699uZBVjgl9hj1L7LSDObuPzLiXF7ojji5JKYC6zIwAtZQUZ_VUmSk01GDLQ", 
    "expires_in": 3600, 
    "scope": "openid profile email", 
    "token_type": "Bearer" 
}

Signing Out from HUAWEI ID

Sign Out Process:

1. A user has signed in to an app and attempts to sign out.
2. The app calls the HuaweiIdAuthService.signOut method to request the HUAWEI Account SDK to sign the user out.
3. The HUAWEI Account SDK deletes the HUAWEI ID sign-in information of the user and sends the sign-out result to the app.

Sign Out Sample Code:

1. Call the signOut API using the HuaweiIdAuthService instance that is created during the HUAWEI ID sign-in authorization.

   // Use the HuaweiIdAuthService instance to call the getService API. The service is generated during authorization.
   Task<Void> signOutTask = service.signOut();
   
   

2. Perform processing after the sign-out is complete.

   signOutTask.addOnCompleteListener(new OnCompleteListener<Void>() {
       @Override
       public void onComplete(Task<Void> task) {
           //Processing after the sign-out.
           Log.i(TAG, "signOut complete");
       }
   });
   
   

After completing the development process, click button , run your Android Studio project and generate the APK. Then, install the APK on your mobile phone for testing. The test results are as shown below:

Well done. You have successfully completed this codelab, and learned:

• How to create an app on HUAWEI Developer.
• How to configure and enable the HUAWEI ID service.
• How to import the HUAWEI ID service SDK and call relevant APIs.

HUAWEI Account Kit API References

You can download the source code in github.com/Huawei/Consumer/tree/master/Codelabs/AccountKit

You can also click the button below to download the source code.

Download