Integrating smart lock for passwords on Android [Storing user’s credentials]
“Imagine you have an amazing app in the market. You are really excited to test it and use it for simplifying life. You just downloaded the app. The colorful intro screens only add to your expectations. Finally, you end up on the login screen. You now want to login to the app. You type in your email and password. But, oh! You have entered an invalid password. No issues! You have a cool option to reset your password. You went to the reset password option and again you had to enter your email address. Congratulations, you have successfully reset your password. Now, you again open the app and you see the login screen. Again, you are asked to enter your credentials. Well! I am sure, by now, you are annoyed! I hope you are not planning to uninstall the app….. 🙁 ”
In real world, every user wants things to be done quickly. Auto-correction and auto-fill are examples of such utilities that make things convenient for the user. Similarly, login credentials too can be auto filled into the required fields to make login quicker and more convenient for the user. For this, Android offers smart lock feature. By integrating Smart Lock for Passwords into your Android app, you can automatically sign users in to your app using the credentials they have saved. Users can save both username-password credentials and federated identity provider credentials.
After users successfully sign in, create accounts, or change passwords, they can be allowed to store their credentials to automate future authentication in the app.
Store Credentials
Step – 1 : Create a Credential object containing a user’s sign-in information.
Credential credential = new Credential.Builder(email)
.setPassword(password).build();
Step – 2 : Call CredentialsClient.save() to save users’ credentials.
Note: This call might not be immediately successful. If this is the case, then it means the credentials might be new. In this case, the user must confirm the save request. Thus, Resolve the ResolvableApiException with startResolutionForResult() to prompt the user for confirmation.
If the user chooses not to save credentials, the user won’t be prompted again to save any account’s credentials for the app. If the CredentialsClient.save() is called after a user has opted out, its result will have a status code of CANCELED.
If the user wants to save the credentials at some point of time in future then s/he can opt in later from the Google Settings app, in the Smart Lock for Passwords section. Now, the user must enable credential saving for all accounts to be prompted to save credentials next time.
mCredentialsClient.save(credential).addOnCompleteListener( new OnCompleteListener() { @Override public void onComplete(@NonNull Task task) { if (task.isSuccessful()) { Log.d(TAG, "SAVE: OK"); Toast.makeText(this, "Credentials saved", Toast.LENGTH_SHORT).show(); return; } Exception e = task.getException(); if (e instanceof ResolvableApiException) { // Try to resolve the save request. //This will prompt the user if // the credential is new. ResolvableApiException rae = (ResolvableApiException) e; try { rae.startResolutionForResult(this, RC_SAVE); } catch (IntentSender.SendIntentException e) { // Could not resolve the request Log.e(TAG, "Failed to send resolution.", e); Toast.makeText(this, "Save failed", Toast.LENGTH_SHORT).show(); } } else { // Request has no resolution Toast.makeText(this, "Save failed", Toast.LENGTH_SHORT).show(); } } }); @Override public void onActivityResult(int requestCode, int resultCode, Intent data) { super.onActivityResult(requestCode, resultCode, data); // ... if (requestCode == RC_SAVE) { if (resultCode == RESULT_OK) { Log.d(TAG, "SAVE: OK"); Toast.makeText(this, "Credentials saved", Toast.LENGTH_SHORT).show(); } else { Log.e(TAG, "SAVE: Canceled by user", e); } } // ... }
After storing, the credentials can be retrieved by calling CredentialsClient.request()
In this way, you can store user’s credentials to auto fill the credentials on the login screen. This saves user’s time and adds to the user experience. This will also be implemented in SUSI.AI alongwith an improved auth flow for a better user experience.
Resources
- Smart lock for passwords on Android
https://developers.google.com/identity/smartlock-passwords/android/