Thanks, that is a good tip. I will try it all and post my results. Thanks, Daniel
On Thursday, September 27, 2012 9:07:00 PM UTC+2, alex wrote: > > Yes, it's ok for the auth thing. I mean, it doesn't matter. The only > difference is, you won't be able to add to the team members list > people outside of your custom domain. > > What I sometimes do when I know I might be adding someone outside of a > custom domain, I create a project using my @gmail.com account, then > add my other account of a custom domain as administrator. You can then > enable billing from your custom domain account and even remove the > original @gmail.com account which you'd initially created a project > with. > > -- alex > > On Thu, Sep 27, 2012 at 8:29 PM, Daniel Perry > <[email protected]<javascript:>> > wrote: > > Hi Alex, > > Thanks, I haven't had a chance to check it out yet but it feels like > this is > > the answer I was looking for. I am able to create the project and get > the > > client ID and secret. I have all the delphi side of things figured out, > that > > is not a problem although I, too, have returned to it after about that > many > > years... :-) > > One last question, when defining the new project in the apis console, > the > > domain is locked to my company's domain. Is this OK although the > appengine > > application's domain is appspot.com? > > It seems to me the api console does not "know" my xxxx.appspot.com or > its > > authorized administrators. > > Should the project ID I define in the apis console be xxxx.appspot.comwith > > the exact same name as my appengine project in order to link between the > > two? > > Thanks, > > Daniel > > > > > > On Thursday, September 27, 2012 6:39:56 PM UTC+2, alex wrote: > >> > >> Then what you need is exactly this, I guess: > >> > >> 1. Go to https://code.google.com/apis/console, create a new project if > >> you don't have one. Switch to API Access tab and create client ID and > >> secret choosing *Installed application* (this is important). > >> > >> 2. Read the whole thing here: > >> https://developers.google.com/accounts/docs/OAuth2InstalledApp and > >> whenever you see "scope" parameter mentioned, you should set its value > >> to "https://www.googleapis.com/auth/appengine.admin";. > >> > >> Also, there are quite a few links to client libraries if you don't > >> want to do it from scratch, but I don't believe there's one for > >> Delphi. At least not from Google. Sorry, I was programming in Delphi > >> like 20 years ago so I'm pretty sure my knowledge is useless. > >> > >> > >> On Thu, Sep 27, 2012 at 6:15 PM, Daniel Perry <[email protected]> > wrote: > >> > Hi Alex, > >> > I looked at the OAuth 2.0 under the trusted testers, it refers, as > far > >> > as I > >> > can understand, to the generation of an API for use by users of my > >> > application. > >> > What I'm trying to do is much more simple, in my opinion. > >> > Allow the application's administrators only (added using the > >> > "permissions" > >> > option of the admin console) to access one of the application's > >> > servlets. > >> > I can achieve this if I run everything through a browser which > performs > >> > the > >> > authentication and stores a cookie with the account data. However, > I'm > >> > trying to do this without the browser from a PC application (written > in > >> > Delphi, in my case). > >> > The more I read about OAuth 1.0 and 2.0, I get more confused. > Shouldn't > >> > I be > >> > able to use OAuth to replace the process the browser does in the > >> > background > >> > with the help of cookies to perform authentication? > >> > I can try and follow up on this on the OAuth forum but I think I need > >> > some > >> > appengine specific information like how to obtain the client_id and > >> > secret > >> > required for OAuth 2.0 for my appengine application. > >> > Thanks, > >> > Daniel > >> > > >> > > >> > On Thursday, September 27, 2012 4:52:54 PM UTC+2, Daniel Perry wrote: > >> >> > >> >> Hi Alex, > >> >> I might be mixing up things but the reference to the Prediction API > was > >> >> only used to explain I need an installed application secret in order > to > >> >> use > >> >> OAuth 2.0 to authenticate users against my app. > >> >> I am able to call the Prediction API on behalf of my users and, in > >> >> fact, I > >> >> did, for a while but have abandoned it for the time being. I have no > >> >> issues > >> >> with type of call, it works file. > >> >> I don't think what I'm trying to do is to expose an API. All I'm > trying > >> >> to > >> >> do is to allow the application's admins, who have registered google > >> >> accounts, to access an administration servlet of my app. > >> >> I will look at the OAuth 2.0 under the trusted testers program and > see > >> >> is > >> >> it answers my problem. > >> >> Thanks, > >> >> Daniel > >> >> > >> >> > >> >> > >> >> > >> >> On Thursday, September 27, 2012 3:52:34 PM UTC+2, alex wrote: > >> >>> > >> >>> I think you mixing up a couple things here: (1) you want to > >> >>> authenticate users agains your app; (2) you want to call external > >> >>> services like Predictions API (presumably on behalf of your > users?). > >> >>> > >> >>> There are built-in Users API and OAuth (only 1.0; 2.0 is within the > >> >>> trusted testers like I mentioned) services available for doing (1). > Or > >> >>> you can do your own custom solutions, like username/password. > >> >>> > >> >>> For doing (2), you should probably take a look at > >> >>> https://developers.google.com/accounts/docs/OAuth2InstalledApp but > >> >>> again, this has nothing to do with (1) unless you require all your > >> >>> users to have a Google account. If impersonating a user is not what > >> >>> you really want then probably Service accounts is what you're > looking > >> >>> for: > https://developers.google.com/accounts/docs/OAuth2ServiceAccount > >> >>> > >> >>> Though, I think the best thing is to ask folks at OAuth 2.0 forum: > >> >>> https://groups.google.com/forum/#!forum/oauth2-dev > >> >>> Sorry if I misunderstood what you're actually trying to do. > >> >>> > >> >>> -- alex > >> >>> > >> >>> > >> >>> On Thu, Sep 27, 2012 at 3:16 PM, Daniel Perry <[email protected]> > >> >>> wrote: > >> >>> > Hi Alex, > >> >>> > Thanks for your comment. > >> >>> > I am trying to access my own app deployed on production servers. > >> >>> > However, my application is a java application so the scope is in > the > >> >>> > web.xml, as far as I understand. > >> >>> > I can set the scope for only part of the application, too. > >> >>> > However, I'm trying to authenticate a user using an installed > >> >>> > application, > >> >>> > not a web page. For this I need a secret key. > >> >>> > These are available when registring to use a google service like, > in > >> >>> > my > >> >>> > case, the prediction API. I'm unable to figure out how to get > OAuth > >> >>> > 2.0 > >> >>> > secrets for my appengine app. I can register to get OAuth 1.0 > secret > >> >>> > and key > >> >>> > but, as I wrote in a previous post, I failed to complete the OAth > >> >>> > 1.0 > >> >>> > dance > >> >>> > successfully. > >> >>> > Have you previously used OAuth 2.0 from an installed application? > >> >>> > Thanks, > >> >>> > Daniel > >> >>> > > >> >>> > > >> >>> > On Thursday, September 27, 2012 10:47:53 AM UTC+2, alex wrote: > >> >>> >> > >> >>> >> Hey Daniel, > >> >>> >> > >> >>> >> If you're trying to access your own app deployed on production > >> >>> >> servers, it's already available: see appcfg.py --oauth2. Look > >> >>> >> inside > >> >>> >> appcfg.py - there's a specific scope for that. Off the top of my > >> >>> >> head, > >> >>> >> it must be something like > >> >>> >> "https://www.googleapis.com/auth/appengine.admin"; but I'm not > sure. > >> >>> >> Though, if I'm not mistaken, it currently authorizes for the > whole > >> >>> >> app > >> >>> >> (all or nothing, i.e. as an admin). > >> >>> >> > >> >>> >> Otherwise, if you're talking about an app exposing some kind of > API > >> >>> >> to > >> >>> >> external parties, OAuth 2.0 is available within Endpoints > service, > >> >>> >> which is currently under trusted tester program. You can sign up > >> >>> >> here: > >> >>> >> http://endpoints-trusted-tester.appspot.com/ > >> >>> >> > >> >>> >> -- alex > >> >>> >> > >> >>> >> On Wed, Sep 26, 2012 at 7:23 PM, Daniel Perry < > [email protected]> > >> >>> >> wrote: > >> >>> >> > Hi, > >> >>> >> > As I can't seem to get help regarding my failure to use OAuth > 1.0 > >> >>> >> > to > >> >>> >> > access > >> >>> >> > my appengine application, are there plans to add OAuth 2.0 > >> >>> >> > support > >> >>> >> > to > >> >>> >> > enable > >> >>> >> > authentication using this method? Or, perhaps, if such support > >> >>> >> > already > >> >>> >> > exists, how do I get the correct key for authenticating an > >> >>> >> > installed > >> >>> >> > application to use my appengine servlet? > >> >>> >> > The use of OAuth 1.0 appears to be deprecated but still > >> >>> >> > operational, > >> >>> >> > but > >> >>> >> > I > >> >>> >> > would prefer 2.0, in any case. > >> >>> >> > Thanks, > >> >>> >> > Daniel > >> >>> >> > > >> >>> >> > -- > >> >>> >> > You received this message because you are subscribed to the > >> >>> >> > Google > >> >>> >> > Groups > >> >>> >> > "Google App Engine" group. > >> >>> >> > To view this discussion on the web visit > >> >>> >> > > https://groups.google.com/d/msg/google-appengine/-/N63R_R7OgWsJ. > >> >>> >> > To post to this group, send email to > >> >>> >> > [email protected]. > >> >>> >> > To unsubscribe from this group, send email to > >> >>> >> > [email protected]. > >> >>> >> > For more options, visit this group at > >> >>> >> > http://groups.google.com/group/google-appengine?hl=en. > >> >>> > > >> >>> > -- > >> >>> > You received this message because you are subscribed to the > Google > >> >>> > Groups > >> >>> > "Google App Engine" group. > >> >>> > To view this discussion on the web visit > >> >>> > https://groups.google.com/d/msg/google-appengine/-/_PKJrhm5AR4J. > >> >>> > > >> >>> > To post to this group, send email to [email protected]. > > >> >>> > To unsubscribe from this group, send email to > >> >>> > [email protected]. > >> >>> > For more options, visit this group at > >> >>> > http://groups.google.com/group/google-appengine?hl=en. > >> > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups > >> > "Google App Engine" group. > >> > To view this discussion on the web visit > >> > https://groups.google.com/d/msg/google-appengine/-/JYCT32jC1acJ. > >> > > >> > To post to this group, send email to [email protected]. > >> > To unsubscribe from this group, send email to > >> > [email protected]. > >> > For more options, visit this group at > >> > http://groups.google.com/group/google-appengine?hl=en. > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Google App Engine" group. > > To view this discussion on the web visit > > https://groups.google.com/d/msg/google-appengine/-/IRCD1VHoEPQJ. > > > > To post to this group, send email to > > [email protected]<javascript:>. > > > To unsubscribe from this group, send email to > > [email protected] <javascript:>. > > For more options, visit this group at > > http://groups.google.com/group/google-appengine?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/hKfQDg8FAb8J. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
