Hi Keith, Was the OpenID+OAuth hybrid example you were looking at similar to this?
http://googlecodesamples.com/hybrid/ The source code for the above demo can be found here: http://code.google.com/p/gdata-samples/source/browse/#svn/trunk/hybrid It is written in PHP, but is should be possible to port it to Python. There are a few open source libraries for OAuth and OpenID in Python which would help lay a foundation. I'm not sure if you've seen any examples of using OAuth with Google Data APIs from App Engine, but Eric Bidelman has been writing one for the Google Health API. The following is a handler used when the Google OAuth authorization page redirects to your application with the request token: class HealthGetOAuthToken(webapp.RequestHandler): def get(self): oauth_token = gdata.auth.OAuthTokenFromUrl(self.request.uri) if oauth_token: oauth_token.secret = cgi.escape(self.request.get ('oauth_token_secret')) oauth_input_params = gdata.auth.OAuthInputParams( ghealth.SIG_METHOD, ghealth.CONSUMER_KEY, consumer_secret=ghealth.CONSUMER_SECRET) oauth_token.oauth_input_params = oauth_input_params health.client.SetOAuthToken(oauth_token) health.client.UpgradeToOAuthAccessToken() access_token = health.client.token_store.find_token (ghealth.HEALTH_SCOPE) self.response.out.write(access_token) if access_token and users.get_current_user(): health.client.token_store.add_token(access_token) elif access_token: health.client.current_token = access_token health.client.SetOAuthToken(access_token) self.redirect('/') In the above, health.client in the above is a subclass of gdata.service.GDataService. Eric frequents the Google Accounts API group, so that might also be a good place to ask this question. http://groups.google.com/group/Google-Accounts-API Please keep us App Engine users in the loop on what you find out. I'm really excited about the hybrid auth flow as I think it's a big improvement over doing separate redirect flows for authentication and authorization. Thank you, Jeff On Mar 29, 9:59 am, keith_g <[email protected]> wrote: > I see that Google announced the implementation of the OpenId/OAuth > Hybrid. > > I want to use gmail ids to authenticate users of my appengine app. I > also want to be able to access Google Data servces (Calendar, docs > etc.) on behalf of the users, using OAuth. > > The OAuth/OpenId hybrid will be ideal for my purpoe, but I haven't > been able to find an example of it's use in appengine, or even Python > for that matter. > > Has anybody done anything like this? Will OAuth/OpenId be implemented > in the User interface of appengine? > > Any ideas will be welcome. > > Thanks, > > Keith --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
