Hi Brice,
The section in the docs you'll be interested in is:
http://code.google.com/appengine/docs/java/oauth/overview.html
However, if I'm not mistaken, the built-in OAuth stuff will only
work with Google accounts. So if your app works with other OpenID
providers you might need to do something a little different. Also,
last time I tested the built-in OAuth with Apps accounts it did not
work correctly (the authentication works, but the app did not
recognize the user).
Robert
On Mon, Apr 25, 2011 at 00:20, Brice <[email protected]> wrote:
> Good evening,
>
> I would appreciate some pointers on how to accomplish what I think the
> gentleman in this thread is doing:
> http://groups.google.com/group/google-appengine/browse_thread/thread/78dadccc8b8a644d/836d75c50a6be4ae?lnk=gst&q=openid+oauth#836d75c50a6be4ae
>
> Specifically, I'm trying to follow the suggestions from here:
> https://sites.google.com/site/oauthgoog/UXFedLogin/nobrowser/input-capable-devices
>
> I have a new AppEngine (Java) site using federated login. Everything
> appears to be working with that setup - I've implemented /_ah/
> login_required/ and am able to successfully login/logout when
> accessing "secured" URLs in my application.
>
> What I'm not getting (maybe because I'm not understanding something),
> is how to get OAuth working ... my understanding is that I need OAuth
> to provide my desktop application with a long-lived access token that
> it can use. I've read reams of documentation, it seems, but I'm not
> putting it together for some reason.
>
> I have registered my AppEngine application with Google ... I have a
> key/secret and the RSA cert/key from that process. I have no idea how/
> where to use this ... presumably this is part of the hybrid openid
> +oauth mechanism, but following the instructions here:
> http://code.google.com/apis/accounts/docs/OpenID.html#oauth -- I'm not
> seeing where/how.
>
> My goal is pretty straightforward ... users install the desktop app,
> which needs to access secured URLs in my app engine app - instead of
> providing username/password in the desktop app, users go to a URL in
> my app engine app ... they login (using any OpenID provider),
> <authentication/authorization/oauth stuff> happens, then they get a
> key to enter into the desktop app ... the desktop app turns this
> around and gets the long-lived OAuth token for accessing secured URLs
> in my app engine app.
>
> The <oauth stuff happens> bit in the middle is what I'm apparently
> missing ...
>
> Any guidance (code samples/flows) would be excellent and much
> appreciated.
>
> Thanks,
> Brice
>
> --
> You received this message because you are subscribed to the Google Groups
> "Google App Engine" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/google-appengine?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en.
