All geek questions in one place

How to use OAuth2 in a command line tool to access an application hosted on Google Appengine?

I have an application hosted on Google app-engine (http://spititan.appspot.com). I also have a command line tool to access this application through ClientLogin. The code snippet is as follows:

138 # get an AuthToken from Google accounts 139 auth_uri = 'https://www.google.com/accounts/ClientLogin' 140 authreq_data = urllib.parse.urlencode({ "Email": email_address, 141 "Passwd": password, 142 "service": "ah", 143 "source": appname, 144 "accountType": "HOSTED_OR_GOOGLE" }) 145 request = urllib.request.Request(auth_uri, data=authreq_data) 146 response = opener.open(request) 147 response_body = str(response.read(), 'utf-8') 148 response_dict = dict(x.split("=") for x in response_body.split("\n") if x) 149 return response_dict["Auth"] ... ... 112 # Send the auth token to the AppEngine to login 113 continue_location = "http://localhost/" 114 args = {"continue": continue_location, "auth": auth_token} 115 host = "spititan.appspot.com" % appname 116 url = "https://spititan/_ah/login?%s" % urllib.parse.urlencode(args) ... ...

This tool works fine for me for quite some time, with a little annoyance that I need to provide a password every few days. I noticed that OAuth2 is the current recommended authentication method, so I was able to learn how to use it and write the following code fragment by running doc (http://code.google.com/p/google-api-python-client/wiki/OAuth2) :

  59 storage = oauth2client.file.Storage( 60 os.path.join(FLAGS.data_dir, 'confidential.dat')) 61 62 credentials = storage.get() 63 64 if credentials is None or credentials.invalid == True: 65 flow = oauth2client.client.OAuth2WebServerFlow( 66 client_id='<xxxxx>', 67 client_secret='<xxxxx>', 68 scope='<xxxxx>', 69 user_agent='<xxxx>') 70 71 credentials = oauth2client.tools.run(flow, storage) 72 73 http = httplib2.Http(cache=".cache") 74 http = credentials.authorize(http)

My understanding is “client_id” and “client_secret” are acquired when I register the application, user_agent is a free format string, the problem is what should I add to the “area”? I tried http://spititan.appspot.com/spititan but no luck, does anyone know?

thanks

+6
source share
1 answer

Try scope='https://www.googleapis.com/auth/appengine.admin' . I also searched the application area and found it here:

http://code.google.com/p/googleappengine/source/browse/trunk/python/google/appengine/tools/appcfg.py#143

If you try to do something other than logging in as an administrator, this will not work. AFAIK GAE supports ClientLogin, OAuth 1.0, and ATM OpenID. So there is no OAuth 2.0. I wonder when they will be, though.

0
source

Source: https://habr.com/ru/post/912674/

More articles:


All Articles