Then what you need is exactly this, I guess: 1. Go to https://code.google.com/apis/console, create a new project if you don't have one. Switch to API Access tab and create client ID and secret choosing *Installed application* (this is important).
2. Read the whole thing here: https://developers.google.com/accounts/docs/OAuth2InstalledApp and whenever you see "scope" parameter mentioned, you should set its value to "https://www.googleapis.com/auth/appengine.admin";. Also, there are quite a few links to client libraries if you don't want to do it from scratch, but I don't believe there's one for Delphi. At least not from Google. Sorry, I was programming in Delphi like 20 years ago so I'm pretty sure my knowledge is useless. On Thu, Sep 27, 2012 at 6:15 PM, Daniel Perry <[email protected]> wrote: > Hi Alex, > I looked at the OAuth 2.0 under the trusted testers, it refers, as far as I > can understand, to the generation of an API for use by users of my > application. > What I'm trying to do is much more simple, in my opinion. > Allow the application's administrators only (added using the "permissions" > option of the admin console) to access one of the application's servlets. > I can achieve this if I run everything through a browser which performs the > authentication and stores a cookie with the account data. However, I'm > trying to do this without the browser from a PC application (written in > Delphi, in my case). > The more I read about OAuth 1.0 and 2.0, I get more confused. Shouldn't I be > able to use OAuth to replace the process the browser does in the background > with the help of cookies to perform authentication? > I can try and follow up on this on the OAuth forum but I think I need some > appengine specific information like how to obtain the client_id and secret > required for OAuth 2.0 for my appengine application. > Thanks, > Daniel > > > On Thursday, September 27, 2012 4:52:54 PM UTC+2, Daniel Perry wrote: >> >> Hi Alex, >> I might be mixing up things but the reference to the Prediction API was >> only used to explain I need an installed application secret in order to use >> OAuth 2.0 to authenticate users against my app. >> I am able to call the Prediction API on behalf of my users and, in fact, I >> did, for a while but have abandoned it for the time being. I have no issues >> with type of call, it works file. >> I don't think what I'm trying to do is to expose an API. All I'm trying to >> do is to allow the application's admins, who have registered google >> accounts, to access an administration servlet of my app. >> I will look at the OAuth 2.0 under the trusted testers program and see is >> it answers my problem. >> Thanks, >> Daniel >> >> >> >> >> On Thursday, September 27, 2012 3:52:34 PM UTC+2, alex wrote: >>> >>> I think you mixing up a couple things here: (1) you want to >>> authenticate users agains your app; (2) you want to call external >>> services like Predictions API (presumably on behalf of your users?). >>> >>> There are built-in Users API and OAuth (only 1.0; 2.0 is within the >>> trusted testers like I mentioned) services available for doing (1). Or >>> you can do your own custom solutions, like username/password. >>> >>> For doing (2), you should probably take a look at >>> https://developers.google.com/accounts/docs/OAuth2InstalledApp but >>> again, this has nothing to do with (1) unless you require all your >>> users to have a Google account. If impersonating a user is not what >>> you really want then probably Service accounts is what you're looking >>> for: https://developers.google.com/accounts/docs/OAuth2ServiceAccount >>> >>> Though, I think the best thing is to ask folks at OAuth 2.0 forum: >>> https://groups.google.com/forum/#!forum/oauth2-dev >>> Sorry if I misunderstood what you're actually trying to do. >>> >>> -- alex >>> >>> >>> On Thu, Sep 27, 2012 at 3:16 PM, Daniel Perry <[email protected]> wrote: >>> > Hi Alex, >>> > Thanks for your comment. >>> > I am trying to access my own app deployed on production servers. >>> > However, my application is a java application so the scope is in the >>> > web.xml, as far as I understand. >>> > I can set the scope for only part of the application, too. >>> > However, I'm trying to authenticate a user using an installed >>> > application, >>> > not a web page. For this I need a secret key. >>> > These are available when registring to use a google service like, in my >>> > case, the prediction API. I'm unable to figure out how to get OAuth 2.0 >>> > secrets for my appengine app. I can register to get OAuth 1.0 secret >>> > and key >>> > but, as I wrote in a previous post, I failed to complete the OAth 1.0 >>> > dance >>> > successfully. >>> > Have you previously used OAuth 2.0 from an installed application? >>> > Thanks, >>> > Daniel >>> > >>> > >>> > On Thursday, September 27, 2012 10:47:53 AM UTC+2, alex wrote: >>> >> >>> >> Hey Daniel, >>> >> >>> >> If you're trying to access your own app deployed on production >>> >> servers, it's already available: see appcfg.py --oauth2. Look inside >>> >> appcfg.py - there's a specific scope for that. Off the top of my head, >>> >> it must be something like >>> >> "https://www.googleapis.com/auth/appengine.admin"; but I'm not sure. >>> >> Though, if I'm not mistaken, it currently authorizes for the whole app >>> >> (all or nothing, i.e. as an admin). >>> >> >>> >> Otherwise, if you're talking about an app exposing some kind of API to >>> >> external parties, OAuth 2.0 is available within Endpoints service, >>> >> which is currently under trusted tester program. You can sign up here: >>> >> http://endpoints-trusted-tester.appspot.com/ >>> >> >>> >> -- alex >>> >> >>> >> On Wed, Sep 26, 2012 at 7:23 PM, Daniel Perry <[email protected]> >>> >> wrote: >>> >> > Hi, >>> >> > As I can't seem to get help regarding my failure to use OAuth 1.0 to >>> >> > access >>> >> > my appengine application, are there plans to add OAuth 2.0 support >>> >> > to >>> >> > enable >>> >> > authentication using this method? Or, perhaps, if such support >>> >> > already >>> >> > exists, how do I get the correct key for authenticating an installed >>> >> > application to use my appengine servlet? >>> >> > The use of OAuth 1.0 appears to be deprecated but still operational, >>> >> > but >>> >> > I >>> >> > would prefer 2.0, in any case. >>> >> > Thanks, >>> >> > Daniel >>> >> > >>> >> > -- >>> >> > You received this message because you are subscribed to the Google >>> >> > Groups >>> >> > "Google App Engine" group. >>> >> > To view this discussion on the web visit >>> >> > https://groups.google.com/d/msg/google-appengine/-/N63R_R7OgWsJ. >>> >> > To post to this group, send email to [email protected]. >>> >> > To unsubscribe from this group, send email to >>> >> > [email protected]. >>> >> > For more options, visit this group at >>> >> > http://groups.google.com/group/google-appengine?hl=en. >>> > >>> > -- >>> > You received this message because you are subscribed to the Google >>> > Groups >>> > "Google App Engine" group. >>> > To view this discussion on the web visit >>> > https://groups.google.com/d/msg/google-appengine/-/_PKJrhm5AR4J. >>> > >>> > To post to this group, send email to [email protected]. >>> > To unsubscribe from this group, send email to >>> > [email protected]. >>> > For more options, visit this group at >>> > http://groups.google.com/group/google-appengine?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/google-appengine/-/JYCT32jC1acJ. > > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
