Hi Alex, I looked at the OAuth 2.0 under the trusted testers, it refers, as far as I can understand, to the generation of an API for use by users of my application. What I'm trying to do is much more simple, in my opinion. Allow the application's administrators only (added using the "permissions" option of the admin console) to access one of the application's servlets. I can achieve this if I run everything through a browser which performs the authentication and stores a cookie with the account data. However, I'm trying to do this without the browser from a PC application (written in Delphi, in my case). The more I read about OAuth 1.0 and 2.0, I get more confused. Shouldn't I be able to use OAuth to replace the process the browser does in the background with the help of cookies to perform authentication? I can try and follow up on this on the OAuth forum but I think I need some appengine specific information like how to obtain the client_id and secret required for OAuth 2.0 for my appengine application. Thanks, Daniel
On Thursday, September 27, 2012 4:52:54 PM UTC+2, Daniel Perry wrote: > > Hi Alex, > I might be mixing up things but the reference to the Prediction API was > only used to explain I need an installed application secret in order to use > OAuth 2.0 to authenticate users against my app. > I am able to call the Prediction API on behalf of my users and, in fact, I > did, for a while but have abandoned it for the time being. I have no issues > with type of call, it works file. > I don't think what I'm trying to do is to expose an API. All I'm trying to > do is to allow the application's admins, who have registered google > accounts, to access an administration servlet of my app. > I will look at the OAuth 2.0 under the trusted testers program and see is > it answers my problem. > Thanks, > Daniel > > > > > On Thursday, September 27, 2012 3:52:34 PM UTC+2, alex wrote: >> >> I think you mixing up a couple things here: (1) you want to >> authenticate users agains your app; (2) you want to call external >> services like Predictions API (presumably on behalf of your users?). >> >> There are built-in Users API and OAuth (only 1.0; 2.0 is within the >> trusted testers like I mentioned) services available for doing (1). Or >> you can do your own custom solutions, like username/password. >> >> For doing (2), you should probably take a look at >> https://developers.google.com/accounts/docs/OAuth2InstalledApp but >> again, this has nothing to do with (1) unless you require all your >> users to have a Google account. If impersonating a user is not what >> you really want then probably Service accounts is what you're looking >> for: https://developers.google.com/accounts/docs/OAuth2ServiceAccount >> >> Though, I think the best thing is to ask folks at OAuth 2.0 forum: >> https://groups.google.com/forum/#!forum/oauth2-dev >> Sorry if I misunderstood what you're actually trying to do. >> >> -- alex >> >> >> On Thu, Sep 27, 2012 at 3:16 PM, Daniel Perry <[email protected]> >> wrote: >> > Hi Alex, >> > Thanks for your comment. >> > I am trying to access my own app deployed on production servers. >> > However, my application is a java application so the scope is in the >> > web.xml, as far as I understand. >> > I can set the scope for only part of the application, too. >> > However, I'm trying to authenticate a user using an installed >> application, >> > not a web page. For this I need a secret key. >> > These are available when registring to use a google service like, in my >> > case, the prediction API. I'm unable to figure out how to get OAuth 2.0 >> > secrets for my appengine app. I can register to get OAuth 1.0 secret >> and key >> > but, as I wrote in a previous post, I failed to complete the OAth 1.0 >> dance >> > successfully. >> > Have you previously used OAuth 2.0 from an installed application? >> > Thanks, >> > Daniel >> > >> > >> > On Thursday, September 27, 2012 10:47:53 AM UTC+2, alex wrote: >> >> >> >> Hey Daniel, >> >> >> >> If you're trying to access your own app deployed on production >> >> servers, it's already available: see appcfg.py --oauth2. Look inside >> >> appcfg.py - there's a specific scope for that. Off the top of my head, >> >> it must be something like >> >> "https://www.googleapis.com/auth/appengine.admin"; but I'm not sure. >> >> Though, if I'm not mistaken, it currently authorizes for the whole app >> >> (all or nothing, i.e. as an admin). >> >> >> >> Otherwise, if you're talking about an app exposing some kind of API to >> >> external parties, OAuth 2.0 is available within Endpoints service, >> >> which is currently under trusted tester program. You can sign up here: >> >> http://endpoints-trusted-tester.appspot.com/ >> >> >> >> -- alex >> >> >> >> On Wed, Sep 26, 2012 at 7:23 PM, Daniel Perry <[email protected]> >> wrote: >> >> > Hi, >> >> > As I can't seem to get help regarding my failure to use OAuth 1.0 to >> >> > access >> >> > my appengine application, are there plans to add OAuth 2.0 support >> to >> >> > enable >> >> > authentication using this method? Or, perhaps, if such support >> already >> >> > exists, how do I get the correct key for authenticating an installed >> >> > application to use my appengine servlet? >> >> > The use of OAuth 1.0 appears to be deprecated but still operational, >> but >> >> > I >> >> > would prefer 2.0, in any case. >> >> > Thanks, >> >> > Daniel >> >> > >> >> > -- >> >> > You received this message because you are subscribed to the Google >> >> > Groups >> >> > "Google App Engine" group. >> >> > To view this discussion on the web visit >> >> > https://groups.google.com/d/msg/google-appengine/-/N63R_R7OgWsJ. >> >> > To post to this group, send email to [email protected]. >> >> > To unsubscribe from this group, send email to >> >> > [email protected]. >> >> > For more options, visit this group at >> >> > http://groups.google.com/group/google-appengine?hl=en. >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "Google App Engine" group. >> > To view this discussion on the web visit >> > https://groups.google.com/d/msg/google-appengine/-/_PKJrhm5AR4J. >> > >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> > [email protected]. >> > For more options, visit this group at >> > http://groups.google.com/group/google-appengine?hl=en. >> > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/JYCT32jC1acJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
