Sample of Server to Server authentication using OAuth 2.0 with Google API's

6 views
Skip to first unread message

Roger via StackOverflow

unread,
Oct 16, 2013, 11:32:19 AM10/16/13
to google-appengin...@googlegroups.com

This is a follow-up question for this question:

I have successfully created a private key and have read the various pages of Google documentation on the concepts of server to server authentication.

I need to create a JWT to authorize my App Engine application (Python) to access the Google calendar and post events in the calendar. From the source in oauth2client it looks like I need to use oauth2client.client.SignedJwtAssertionCredentials to create the JWT.

What I'm missing at the moment is a stylised bit of sample Python code of the various steps involved to create the JWT and use it to authenticate my App Engine application for Google Calendar. Also, from SignedJwtAssertionCredentials source it looks like I need some App Engine compatible library to perform the signing.

Can anybody shed some light on this?



Please DO NOT REPLY directly to this email but go to StackOverflow:
http://stackoverflow.com/questions/19407600/sample-of-server-to-server-authentication-using-oauth-2-0-with-google-apis

Roger via StackOverflow

unread,
Oct 16, 2013, 5:08:51 PM10/16/13
to google-appengin...@googlegroups.com

After some digging I found a couple of samples based on the OAuth2 authentication. From this I cooked up the following simple sample that creates a JWT to access the calendar API:

import httplib2
import pprint

from apiclient.discovery import build
from oauth2client.client import SignedJwtAssertionCredentials

# Get the private key from the Google supplied private key file.
f = file("your_private_key_file.p12", "rb")
key = f.read()
f.close()

# Create the JWT
credentials = SignedJwtAssertionCredentials(
  "xxxxx...@developer.gserviceaccount.com", key,
  scope="https://www.googleapis.com/auth/calendar"
)

# Create an authorized http instance
http = httplib2.Http()
http = credentials.authorize(http)

# Create a service call to the calendar API
service = build("calendar", "v3", http=http)

# List all calendars.
lists = service.calendarList().list(pageToken=None).execute(http=http)
pprint.pprint(lists)

For this to work on Google App Engine you will need to enable PyCrypto for your app. This means adding the following to your app.yaml file:

libraries:
- name: pycrypto
  version: "latest"


Please DO NOT REPLY directly to this email but go to StackOverflow:
http://stackoverflow.com/questions/19407600/sample-of-server-to-server-authentication-using-oauth-2-0-with-google-apis/19413874#19413874

Roger via StackOverflow

unread,
Oct 18, 2013, 12:00:11 PM10/18/13
to google-appengin...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages