OAuth 1.0 is officially deprecated:
https://developers.google.com/accounts/docs/RegistrationForWebAppsAuto
It didn't make sense to keep OAuth 1.0 support in the
google-api-python-client, as the library will be going to GA soon, and
it doesn't make sense to go to GA supporting a technology that's already
deprecated.
You can always apply this patch in reverse to add back the OAuth 1.0
support, but there is no guarantee the google-api-python-client library
will remain compatible, nor would the code be supported, but it might be
a short term step you could take on the way to migrating to OAuth 2.0.
On 2012/08/07 05:57:05, naktinis wrote:
> My question was about token key and secret, not about client id and
secret.
> Essentially I am asking whether you plan to keep backwards
compatibility in your
> Python library code. Because OAuth 1.0 requests to Google services
clearly still
> work. However, I can't seem to find how your Python library allows for
that.
> The old library (namely OAuthCredentials) took Token objects
(essentially a pair
> of token_key and token_secret), created a HMAC_SHA1 signature and
added a header
> similar to 'Authorization: OAuth realm="<realm>",
> oauth_consumer_key="<oauth_consumer>", oauth_token="<oauth_token>"
...' Well,
> the OAuth 1.0 way.
> The new library (namely OAuth2Credentials, and there is no
OAuth1Credentials)
> can only perform OAuth 2.0 requests with "Bearer: ..." headers.
> The other Google API library - gdata - supports both OAuth 1.0 and
OAuth 2.0
> requests, using OAuthHmacToken and OAuth2Token classes
(
http://code.google.com/p/gdata-python-client/source/browse/src/gdata/gauth.py).
> Since I know OAuth 1.0 requests still work on Google APIs, and since I
have
> loads of OAuth 1.0 (token_key, token_secret) pairs, and since I know
OAuth 1.0
> is implemented in the other Python API library. My question is whether
it could
> be possible to have "google-api-python-client" backwards compatible
with OAuth
> 1.0 for some time, so I wouldn't need to annoy my users forcing them
to
> authorize the app again, and wouldn't need to resort to nasty hacks
signing the
> requests without your library :)