(x-post from SO and reddit, for maximum visibility) We're trying to put our app on Google Marketplace, and one of the requirements was to use OAuth2 for authentication. Unfortunately (and strangely), AppEngine doesn't have an option for this.
Right now, we are using OpenID for authentication. I've been trying to find resources online, but have failed in finding a definitive guide on how to do this properly. My concerns are: 1. What scope should I use? 2. How should sessions be managed? (the [Users](https://developers.google.com/appengine/docs/python/users/) service handled this very well) 3. What would the local development process be like? Would I need to have an internet connection to be able to use `dev_appserver.py`? 4. We rely heavily on the [`user_id`](https://developers.google.com/appengine/docs/python/users/userclass#User_user_id) property provided by the Users service. Can I rely on it having the same value when switching to OAuth2? 5. Any possible conflicts in other AppEngine services (ones that rely on Users service)? 6. Would the `login: required` flag in `app.yaml` still work as expected after migrating? 7. Are there plans on supporting proper OAuth2 authentication as a default option in AppEngine projects? Also, the AppEngine docs seem to be out of date with regards to integrating with Marketplace. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/d/optout.
