On Wed, Jul 15, 2009 at 9:55 PM, epb<[email protected]> wrote: > > On Jul 15, 4:05 pm, Tony <[email protected]> wrote: >> The response has the "Set-cookie" header set, which will cause the >> user's browser to save the cookie and then present it on the next >> request (after redirected by the 302). In my code I've opted not to >> follow the redirect, and extracted the cookie myself, because it's the >> urlfetch service doing the request, not the user. You can then either >> return a response to the user with a "Set-cookie" HTTP header (causing >> their browser to save the cookie), or handle it some other way (return >> it in the body and set the cookie with Javascript, for example). >> >> I think I misunderstood your original question, though, and you're >> looking for something different. You want to get an authorization >> cookie and then use it to make repeated requests with urlfetch, not >> with a browser? If that's the case, you're going to want to capture >> the "Set-cookie" header from the second response, and supply that in >> future requests (setting the "Cookie" header for urlfetch). > > Yes, that is exactly what I want :) My client app. is not browser- > based. I guess I'll just use your method then.. appengine_rpc must be > intended for browser apps only, as it does nothing to capture the > auth. cookie. I could of course extend the appengine_rpc module to > capture the cookie, but the module uses urllib2.OpenerDirector.open() > to open URLs and this is perhaps not the way to go in my case? I am > not sure what the difference is between urlfetch() and open().... it > seems like I can get the headers (and hereby the cookie) by using info > () on the response from open().
appengine_rpc is intended for any Python app. It captures the cookie by using a CookieJar, which does the capturing/sending of the cookie. -Nick Johnson > >> >> Basically, urlfetch will follow redirects but it won't handle cookies >> automatically - so what's happening is it's ignoring the "Set-cookie" >> header and following the redirect, and being denied because it's not >> supplying a cookie. >> >> On Jul 15, 2:58 pm, epb <[email protected]> wrote: >> >> > I can see why Tony's version would work. His "algorithm" has two >> > steps: >> >> > 1. Get the authorization token using ClientLogin (which I also managed >> > to do). >> > 2. Use the uri "servername/_ah/login" to get the auth. cookie. >> >> > The appengine_rpc module seems to do authentication in a similar way: >> >> > A. Try to access the app. This results in a redirect to a location >> > that starts withhttps://www.google.com/accounts/ServiceLogin >> > B. Get a auth. token (like step 1 above) >> > C. Use auth. token to get auth. cookie. >> > D. Try to access the app. again (this is where it fails in my case...) >> >> > Anyway, step C is performed using the function below: >> >> > ------- >> >> > def _GetAuthCookie(self, auth_token): >> > """Fetches authentication cookies for an authentication token. >> >> > Args: >> > auth_token: The authentication token returned by ClientLogin. >> >> > Raises: >> > HTTPError: If there was an error fetching the authentication >> > cookies. >> > """ >> > continue_location = "http://localhost/"; >> > args = {"continue": continue_location, "auth": auth_token} >> > login_path = os.environ.get("APPCFG_LOGIN_PATH", "/_ah") >> > req = self._CreateRequest("%s://%s%s/login?%s" % >> > (self.scheme, self.host, login_path, >> > urllib.urlencode(args))) >> > try: >> > response = self.opener.open(req) >> > except urllib2.HTTPError, e: >> > response = e >> > if (response.code != 302 or >> > response.info()["location"] != continue_location): >> > raise urllib2.HTTPError(req.get_full_url(), response.code, >> > response.msg, >> > response.headers, response.fp) >> > self.authenticated = True >> >> > ------ >> >> > It seems to me, that we do nothing with the response in this >> > function?? Shouldn't we save the cookie in the response like Tony's >> > does above, and then use it when we try to log in again? >> >> > On Jul 15, 1:06 pm, epb <[email protected]> wrote: >> >> > > Thanks for your answers. >> >> > > As I understand Nick's response, I only need to use appengine_rpc.py >> > > for the entire process. I tried the following: >> >> > > ------- >> >> > > def passwdFunc(): >> > > return ('my_email','my_passwd') >> >> > > rpcServer = appengine_rpc.HttpRpcServer >> > > ('myapp.appspot.com',passwdFunc,None,'myAppName') >> > > blah = rpcServer.Send('/') >> >> > > ------- >> >> > > This gave me a 302 error and the following log: >> >> > > ------- >> >> > > Server: myapp.appspot.com >> > > Sending HTTP request: >> > > POST /? HTTP/1.1 >> > > Host: myapp.appspot.com >> > > X-appcfg-api-version: 1 >> > > Content-type: application/octet-stream >> >> > > Got http error, this is try #1 >> > > Got 302 redirect. >> > > Location:https://www.google.com/accounts/ServiceLogin?service=ah&continue=http... >> > > nue%3Dhttp://myapp.appspot.com/ >> > > <mpl=gm&ahname=MyAppName&sig=46378246....321321312 >> > > Sending HTTP request: >> > > POST /? HTTP/1.1 >> > > Host: myapp.appspot.com >> > > X-appcfg-api-version: 1 >> > > Content-type: application/octet-stream >> >> > > Got http error, this is try #2 >> >> > > ------- >> >> > > It seems to me that the Send() function should do all authentication- >> > > work automatically and re-direct to the app page after logging in. >> > > Right? >> >> > > Anyway, I'll try out Tonys solution also.. >> >> > > On Jul 15, 11:18 am, Tony <[email protected]> wrote: >> >> > > > Since I happened to have this up, here's a bit of sample code to get >> > > > an authentication cookie for an appspot app... >> >> > > > from google.appengine.api import urlfetch >> > > > from urllib import urlencode >> > > > email = request.POST['username'] >> > > > passwd = request.POST['password'] >> > > > serv_root = "http://myapp.appspot.com"; >> > > > target = 'http://myapp.appspot.com/null' >> > > > app_name = "myapp-1.0" >> > > > auth_uri = 'https://www.google.com/accounts/ClientLogin' >> > > > authreq_data = urlencode({ "Email": email, >> > > > "Passwd": passwd, >> > > > "service": "ah", >> > > > "source": app_name, >> > > > "accountType": "HOSTED_OR_GOOGLE" }) >> > > > result = urlfetch.fetch(auth_uri, authreq_data, method=urlfetch.POST, >> > > > follow_redirects=False) >> > > > auth_dict = dict(x.split("=") for x in result.content.split("\n") if >> > > > x) >> > > > auth_token = auth_dict["Auth"] >> > > > serv_args = {} >> > > > serv_args['continue'] = target >> > > > serv_args['auth'] = auth_token >> > > > serv_uri = "%s/_ah/login?%s" % (serv_root, urlencode(serv_args)) >> > > > result2 = urlfetch.fetch(serv_uri, follow_redirects=False, >> > > > method=urlfetch.GET) >> > > > ### here's the cookie which will authenticate future requests >> > > > cookie = result2.headers['set-cookie'].split(';')[0] >> > > > # cookie[0] => "ACSID" >> > > > # cookie[1] => "AAAAHFSDJHSDFHSDJFHSDJFHSJFSDfsdjfhsjdfhsjdfh..." > > > -- Nick Johnson, App Engine Developer Programs Engineer Google Ireland Ltd. :: Registered in Dublin, Ireland, Registration Number: 368047 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
