Hi Alex, Thanks, I haven't had a chance to check it out yet but it feels like this is the answer I was looking for. I am able to create the project and get the client ID and secret. I have all the delphi side of things figured out, that is not a problem although I, too, have returned to it after about that many years... :-) One last question, when defining the new project in the apis console, the domain is locked to my company's domain. Is this OK although the appengine application's domain is appspot.com? It seems to me the api console does not "know" my xxxx.appspot.com or its authorized administrators. Should the project ID I define in the apis console be xxxx.appspot.com with the exact same name as my appengine project in order to link between the two? Thanks, Daniel
On Thursday, September 27, 2012 6:39:56 PM UTC+2, alex wrote: > > Then what you need is exactly this, I guess: > > 1. Go to https://code.google.com/apis/console, create a new project if > you don't have one. Switch to API Access tab and create client ID and > secret choosing *Installed application* (this is important). > > 2. Read the whole thing here: > https://developers.google.com/accounts/docs/OAuth2InstalledApp and > whenever you see "scope" parameter mentioned, you should set its value > to "https://www.googleapis.com/auth/appengine.admin";. > > Also, there are quite a few links to client libraries if you don't > want to do it from scratch, but I don't believe there's one for > Delphi. At least not from Google. Sorry, I was programming in Delphi > like 20 years ago so I'm pretty sure my knowledge is useless. > > > On Thu, Sep 27, 2012 at 6:15 PM, Daniel Perry > <[email protected]<javascript:>> > wrote: > > Hi Alex, > > I looked at the OAuth 2.0 under the trusted testers, it refers, as far > as I > > can understand, to the generation of an API for use by users of my > > application. > > What I'm trying to do is much more simple, in my opinion. > > Allow the application's administrators only (added using the > "permissions" > > option of the admin console) to access one of the application's > servlets. > > I can achieve this if I run everything through a browser which performs > the > > authentication and stores a cookie with the account data. However, I'm > > trying to do this without the browser from a PC application (written in > > Delphi, in my case). > > The more I read about OAuth 1.0 and 2.0, I get more confused. Shouldn't > I be > > able to use OAuth to replace the process the browser does in the > background > > with the help of cookies to perform authentication? > > I can try and follow up on this on the OAuth forum but I think I need > some > > appengine specific information like how to obtain the client_id and > secret > > required for OAuth 2.0 for my appengine application. > > Thanks, > > Daniel > > > > > > On Thursday, September 27, 2012 4:52:54 PM UTC+2, Daniel Perry wrote: > >> > >> Hi Alex, > >> I might be mixing up things but the reference to the Prediction API was > >> only used to explain I need an installed application secret in order to > use > >> OAuth 2.0 to authenticate users against my app. > >> I am able to call the Prediction API on behalf of my users and, in > fact, I > >> did, for a while but have abandoned it for the time being. I have no > issues > >> with type of call, it works file. > >> I don't think what I'm trying to do is to expose an API. All I'm trying > to > >> do is to allow the application's admins, who have registered google > >> accounts, to access an administration servlet of my app. > >> I will look at the OAuth 2.0 under the trusted testers program and see > is > >> it answers my problem. > >> Thanks, > >> Daniel > >> > >> > >> > >> > >> On Thursday, September 27, 2012 3:52:34 PM UTC+2, alex wrote: > >>> > >>> I think you mixing up a couple things here: (1) you want to > >>> authenticate users agains your app; (2) you want to call external > >>> services like Predictions API (presumably on behalf of your users?). > >>> > >>> There are built-in Users API and OAuth (only 1.0; 2.0 is within the > >>> trusted testers like I mentioned) services available for doing (1). Or > >>> you can do your own custom solutions, like username/password. > >>> > >>> For doing (2), you should probably take a look at > >>> https://developers.google.com/accounts/docs/OAuth2InstalledApp but > >>> again, this has nothing to do with (1) unless you require all your > >>> users to have a Google account. If impersonating a user is not what > >>> you really want then probably Service accounts is what you're looking > >>> for: https://developers.google.com/accounts/docs/OAuth2ServiceAccount > >>> > >>> Though, I think the best thing is to ask folks at OAuth 2.0 forum: > >>> https://groups.google.com/forum/#!forum/oauth2-dev > >>> Sorry if I misunderstood what you're actually trying to do. > >>> > >>> -- alex > >>> > >>> > >>> On Thu, Sep 27, 2012 at 3:16 PM, Daniel Perry <[email protected]> > wrote: > >>> > Hi Alex, > >>> > Thanks for your comment. > >>> > I am trying to access my own app deployed on production servers. > >>> > However, my application is a java application so the scope is in the > >>> > web.xml, as far as I understand. > >>> > I can set the scope for only part of the application, too. > >>> > However, I'm trying to authenticate a user using an installed > >>> > application, > >>> > not a web page. For this I need a secret key. > >>> > These are available when registring to use a google service like, in > my > >>> > case, the prediction API. I'm unable to figure out how to get OAuth > 2.0 > >>> > secrets for my appengine app. I can register to get OAuth 1.0 secret > >>> > and key > >>> > but, as I wrote in a previous post, I failed to complete the OAth > 1.0 > >>> > dance > >>> > successfully. > >>> > Have you previously used OAuth 2.0 from an installed application? > >>> > Thanks, > >>> > Daniel > >>> > > >>> > > >>> > On Thursday, September 27, 2012 10:47:53 AM UTC+2, alex wrote: > >>> >> > >>> >> Hey Daniel, > >>> >> > >>> >> If you're trying to access your own app deployed on production > >>> >> servers, it's already available: see appcfg.py --oauth2. Look > inside > >>> >> appcfg.py - there's a specific scope for that. Off the top of my > head, > >>> >> it must be something like > >>> >> "https://www.googleapis.com/auth/appengine.admin"; but I'm not > sure. > >>> >> Though, if I'm not mistaken, it currently authorizes for the whole > app > >>> >> (all or nothing, i.e. as an admin). > >>> >> > >>> >> Otherwise, if you're talking about an app exposing some kind of API > to > >>> >> external parties, OAuth 2.0 is available within Endpoints service, > >>> >> which is currently under trusted tester program. You can sign up > here: > >>> >> http://endpoints-trusted-tester.appspot.com/ > >>> >> > >>> >> -- alex > >>> >> > >>> >> On Wed, Sep 26, 2012 at 7:23 PM, Daniel Perry <[email protected]> > >>> >> wrote: > >>> >> > Hi, > >>> >> > As I can't seem to get help regarding my failure to use OAuth 1.0 > to > >>> >> > access > >>> >> > my appengine application, are there plans to add OAuth 2.0 > support > >>> >> > to > >>> >> > enable > >>> >> > authentication using this method? Or, perhaps, if such support > >>> >> > already > >>> >> > exists, how do I get the correct key for authenticating an > installed > >>> >> > application to use my appengine servlet? > >>> >> > The use of OAuth 1.0 appears to be deprecated but still > operational, > >>> >> > but > >>> >> > I > >>> >> > would prefer 2.0, in any case. > >>> >> > Thanks, > >>> >> > Daniel > >>> >> > > >>> >> > -- > >>> >> > You received this message because you are subscribed to the > Google > >>> >> > Groups > >>> >> > "Google App Engine" group. > >>> >> > To view this discussion on the web visit > >>> >> > https://groups.google.com/d/msg/google-appengine/-/N63R_R7OgWsJ. > >>> >> > To post to this group, send email to [email protected]. > > >>> >> > To unsubscribe from this group, send email to > >>> >> > [email protected]. > >>> >> > For more options, visit this group at > >>> >> > http://groups.google.com/group/google-appengine?hl=en. > >>> > > >>> > -- > >>> > You received this message because you are subscribed to the Google > >>> > Groups > >>> > "Google App Engine" group. > >>> > To view this discussion on the web visit > >>> > https://groups.google.com/d/msg/google-appengine/-/_PKJrhm5AR4J. > >>> > > >>> > To post to this group, send email to [email protected]. > >>> > To unsubscribe from this group, send email to > >>> > [email protected]. > >>> > For more options, visit this group at > >>> > http://groups.google.com/group/google-appengine?hl=en. > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Google App Engine" group. > > To view this discussion on the web visit > > https://groups.google.com/d/msg/google-appengine/-/JYCT32jC1acJ. > > > > To post to this group, send email to > > [email protected]<javascript:>. > > > To unsubscribe from this group, send email to > > [email protected] <javascript:>. > > For more options, visit this group at > > http://groups.google.com/group/google-appengine?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/IRCD1VHoEPQJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
