Authenticated Requests over SDC
90 views
Skip to first unread message
Dorian Kind
Jan 24, 2012, 11:35:59 AM1/24/12
to google-secure-data-connector
Hello group,
I was wondering whether there is any way to perform access checks when
using SDC with Google Apps Script. We have a web service that some
Google Apps spreadsheets are interacting with, which works beautifully—
however, not all of our users should be able to perform all available
actions on that service.
It would already suffice if we just were able to get the viewerEmail
of the person performing the request, but I was not able to find any
indications that this would be possible, apart from the following
statement (from <http://code.google.com/securedataconnector/docs/1.3/
security.html#AuthenticationRequests>):
"Google Spreadsheets and App Engine do not currently perform a
SignedFetch authenticated request. These features are being actively
worked on."
Is there any news on this issue or are there other possibilities to
authenticate requests over SDC? Any pointers would be greatly
appreciated.
Thanks and best regards,
Dorian
I was wondering whether there is any way to perform access checks when
using SDC with Google Apps Script. We have a web service that some
Google Apps spreadsheets are interacting with, which works beautifully—
however, not all of our users should be able to perform all available
actions on that service.
It would already suffice if we just were able to get the viewerEmail
of the person performing the request, but I was not able to find any
indications that this would be possible, apart from the following
statement (from <http://code.google.com/securedataconnector/docs/1.3/
security.html#AuthenticationRequests>):
"Google Spreadsheets and App Engine do not currently perform a
SignedFetch authenticated request. These features are being actively
worked on."
Is there any news on this issue or are there other possibilities to
authenticate requests over SDC? Any pointers would be greatly
appreciated.
Thanks and best regards,
Dorian
Dan Guzman
Jul 10, 2012, 9:58:53 AM7/10/12
to googl...@googlegroups.com
Curious if you found an answer to your question? I have the same one...
J.L. Villarejo
Jul 11, 2012, 3:19:05 AM7/11/12
to googl...@googlegroups.com
Hello Dorian,
Sorry for my English,
You can get in Google Apps Script the current user with Session.getUser().
Dorian Kind
Jul 11, 2012, 7:07:59 AM7/11/12
to googl...@googlegroups.com
Hi J.L.
many thanks for your post. In the meantime, we have discontinued the use of SDC as I'm getting the feeling that it has no future in Google's service portfolio, but maybe Dan can use your suggestion.
Regards,
Dorian
Dan Guzman
Jul 11, 2012, 2:43:11 PM7/11/12
to googl...@googlegroups.com
Dorian mentioned signed fetch requests not just knowing who the current user is. That I knew you could do.
Thanks,
Dan
Dan
J.L. Villarejo
Jul 12, 2012, 3:26:50 AM7/12/12
to googl...@googlegroups.com
Hello Dan
but in Google Spreadsheets, I make the control of the users with Spreadsheets ACL and my code and current user.
I use this one in Google Apps Script in Google Sites
var options =
{
"useIntranet" : true,
"AUTHORIZATION" : "SIGNED",
"OAUTH_ADD_EMAIL" : true
};
var mUrl = "your uri";
var result = UrlFetchApp.fetch(mUrl, options);
Reply all
Reply to author
Forward
0 new messages