Logging in with Google account OAuth2 Appcelerator and App Engine

[Boy Lenssen]

Hi,

I have an application on <my_app_id>.appspot.com (so using App Engine).

I want users to log in with their Google (or other OpenID in future) account.

I found out that with: https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&redirect_uri=<some_url>&response_type=token&client_id=<client_id> I can ask users for an token.

With this token, I can get userinfo:

https://www.googleapis.com/oauth2/v1/userinfo?access_token=<received_token>

that works well.

But then, have a year ago I found the following example:

http://ido-green.appspot.com/CloudEndpoints/CloudEndpointsWebBlogPost.html

Here there is a "security" chapter (search for this keyword) and you see that somehow a "User" argument is added to the endpoint, with a scope and client_id.

Next, the blogger shows how you can authorize via the api explorer and how to use a JavaScript API. But what I want a 'generic' solution, not just JS. I am using Appcelerator, which uses JS as language but I'm unable to use this API. So I "just" want to use HTTPS requests for doing calls on my API on Appspot with authenticated user.

I spent days already to figure this out, but did not found out anything.

Am I doing it the wrong way? Should I use a different approach? Like storing the token I received above in a datastore on my app engine and also the token on the user's device to know the user logged in again?

I also saw references to '<my_app_id>.appspot.com/_ah/login'. Is this a feature you can use for logging in? Passing the token in the URL did not work to get the user logged in.

I think I need a push in the right direction to get my authentication up and running. I find a lot of example online, but most of them are only to get UserInfo, not 'automatically' OAuth2 on app engine.

[Boy Lenssen]

should this topic be moved to the Endpoints Trusted Testers? I think I posted in the wrong group...