Hi Alex, I might be mixing up things but the reference to the Prediction API was only used to explain I need an installed application secret in order to use OAuth 2.0 to authenticate users against my app. I am able to call the Prediction API on behalf of my users and, in fact, I did, for a while but have abandoned it for the time being. I have no issues with type of call, it works file. I don't think what I'm trying to do is to expose an API. All I'm trying to do is to allow the application's admins, who have registered google accounts, to access an administration servlet of my app. I will look at the OAuth 2.0 under the trusted testers program and see is it answers my problem. Thanks, Daniel
On Thursday, September 27, 2012 3:52:34 PM UTC+2, alex wrote: > > I think you mixing up a couple things here: (1) you want to > authenticate users agains your app; (2) you want to call external > services like Predictions API (presumably on behalf of your users?). > > There are built-in Users API and OAuth (only 1.0; 2.0 is within the > trusted testers like I mentioned) services available for doing (1). Or > you can do your own custom solutions, like username/password. > > For doing (2), you should probably take a look at > https://developers.google.com/accounts/docs/OAuth2InstalledApp but > again, this has nothing to do with (1) unless you require all your > users to have a Google account. If impersonating a user is not what > you really want then probably Service accounts is what you're looking > for: https://developers.google.com/accounts/docs/OAuth2ServiceAccount > > Though, I think the best thing is to ask folks at OAuth 2.0 forum: > https://groups.google.com/forum/#!forum/oauth2-dev > Sorry if I misunderstood what you're actually trying to do. > > -- alex > > > On Thu, Sep 27, 2012 at 3:16 PM, Daniel Perry > <[email protected]<javascript:>> > wrote: > > Hi Alex, > > Thanks for your comment. > > I am trying to access my own app deployed on production servers. > > However, my application is a java application so the scope is in the > > web.xml, as far as I understand. > > I can set the scope for only part of the application, too. > > However, I'm trying to authenticate a user using an installed > application, > > not a web page. For this I need a secret key. > > These are available when registring to use a google service like, in my > > case, the prediction API. I'm unable to figure out how to get OAuth 2.0 > > secrets for my appengine app. I can register to get OAuth 1.0 secret and > key > > but, as I wrote in a previous post, I failed to complete the OAth 1.0 > dance > > successfully. > > Have you previously used OAuth 2.0 from an installed application? > > Thanks, > > Daniel > > > > > > On Thursday, September 27, 2012 10:47:53 AM UTC+2, alex wrote: > >> > >> Hey Daniel, > >> > >> If you're trying to access your own app deployed on production > >> servers, it's already available: see appcfg.py --oauth2. Look inside > >> appcfg.py - there's a specific scope for that. Off the top of my head, > >> it must be something like > >> "https://www.googleapis.com/auth/appengine.admin"; but I'm not sure. > >> Though, if I'm not mistaken, it currently authorizes for the whole app > >> (all or nothing, i.e. as an admin). > >> > >> Otherwise, if you're talking about an app exposing some kind of API to > >> external parties, OAuth 2.0 is available within Endpoints service, > >> which is currently under trusted tester program. You can sign up here: > >> http://endpoints-trusted-tester.appspot.com/ > >> > >> -- alex > >> > >> On Wed, Sep 26, 2012 at 7:23 PM, Daniel Perry <[email protected]> > wrote: > >> > Hi, > >> > As I can't seem to get help regarding my failure to use OAuth 1.0 to > >> > access > >> > my appengine application, are there plans to add OAuth 2.0 support to > >> > enable > >> > authentication using this method? Or, perhaps, if such support > already > >> > exists, how do I get the correct key for authenticating an installed > >> > application to use my appengine servlet? > >> > The use of OAuth 1.0 appears to be deprecated but still operational, > but > >> > I > >> > would prefer 2.0, in any case. > >> > Thanks, > >> > Daniel > >> > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups > >> > "Google App Engine" group. > >> > To view this discussion on the web visit > >> > https://groups.google.com/d/msg/google-appengine/-/N63R_R7OgWsJ. > >> > To post to this group, send email to [email protected]. > >> > To unsubscribe from this group, send email to > >> > [email protected]. > >> > For more options, visit this group at > >> > http://groups.google.com/group/google-appengine?hl=en. > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Google App Engine" group. > > To view this discussion on the web visit > > https://groups.google.com/d/msg/google-appengine/-/_PKJrhm5AR4J. > > > > To post to this group, send email to > > [email protected]<javascript:>. > > > To unsubscribe from this group, send email to > > [email protected] <javascript:>. > > For more options, visit this group at > > http://groups.google.com/group/google-appengine?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/n9jr0CHCB1YJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
