Hardcoded access to a Google Data service from App Engine-app

50 views
Skip to first unread message

Kristofer Johansson

unread,
Jan 7, 2012, 9:05:25 AM1/7/12
to Google App Engine
Hello!
I'm finding a million ways to authenticate users of a a web-app in
order to access their different Google-stuff through Google APIs.

However I'm looking for a simple, stable way for the app to access one
calendar that kind of belongs to the app. There seem to be a lot of
ways to auth (OAuth, AuthSub, ClientLogin and so on) and I can only
find information about which one to choose from the perspective that
this permission will be asked to users on a regular basis.

I'm thinking about simply hardcoding the username and password to the
account that owns the Calendar and use the simplest auth-method with
the most long-lived token to access.
What auth-method should I use or is there a better way?

Thank you very much for your time!
/Tottish

Ernesto Oltra

unread,
Jan 8, 2012, 3:03:19 PM1/8/12
to google-a...@googlegroups.com
Hi,

To me, the most stable & easy way has been OAuth2, requesting offline access and updating & saving the token automatically each time it expires. I save it in datastore, an entity with a special key ("master"), for easy of retrieval without queries. This design allows too for an admin section in the website, where I can easily view/remove/re-ask the token.

Ernesto

Kristofer Johansson

unread,
Jan 8, 2012, 5:46:28 PM1/8/12
to Google App Engine
Thanks Ernesto!
OK, would you happen to have a tutorial or similar for this approach?
Since I'm very new to this and all the guides I found are written for
manual user-auth it would really help if there was some documantation
to read on this "automatic" approach.
Have an awesome day!
/Tottish

Ernesto Oltra

unread,
Jan 8, 2012, 6:07:01 PM1/8/12
to google-a...@googlegroups.com
Hi,

I didn't have any problems in sharing all the code, but it's in Go; contact me if you need it.
I meant that the OAuth flow is:

You prepare the authorization & redirect the user to Google ---> The user allows your app ---> Google gives you a temporary token ---> You interchange that token with a permanent one (with an expire date) ---> Store it

Each time you do a request, the code must:

Retrieve the token ---> If it's expired, ask for a new one -> Store it again if it has changed ---> Do the request

Hard-coding the password in your code requires an update & deploy each time the user changes the password (apart from being less secure).


Ernesto

Brandon Wirtz

unread,
Jan 8, 2012, 6:16:57 PM1/8/12
to google-a...@googlegroups.com

Ernesto,

 

How are you liking Go?  I have been considering it.  I would be more likely to consider it if I knew people outside of Google were using it since Google would never hire me for any meaningful position.

 

-Brandon

--
You received this message because you are subscribed to the Google Groups "Google App Engine" group.
To post to this group, send email to google-a...@googlegroups.com.
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.

Kristofer Johansson

unread,
Jan 9, 2012, 2:46:13 PM1/9/12
to Google App Engine
OK, and you're saying this can be done automatically after the first
manual authorization?
I just want to make sure so that I won't have to do manual
authorization every now and then for the app to be able look in the
calendar.

Just so we're clear: The GAE-app will NOT need access to the calendar
of any of its users. However it WILL need around-the-clock access to
the calendars of a specific Gmail-account created only for this
purpose.

Just want to make sure before investing time and effort into learning
OAuth2.
So: Can I use OAuth2 for my needs?

Cheers!
/Tottish

Ernesto Oltra

unread,
Jan 9, 2012, 4:08:45 PM1/9/12
to google-a...@googlegroups.com
Hi,

We have the same needs too, a single user controlling the list of downloads and receiving the essays. I'll send you the code offline.

Ernesto

Reply all
Reply to author
Forward
0 new messages