views:

497

answers:

2

I would like to pull the Auth Token for the Gdata auth so that I can write to a google calendar. I am having issues getting the token after authentication so that I can send the token to the calendar service.

I am using the default login screen provided by appengine (/_ah/login) and I am able to login and authenticate, however, I am unable to pull the Auth Token out of the self.request.uri because the URL is being rewritten:

Example:

Login Screen Redirect from kiddushfund.appspot.com/admin https://www.google.com/accounts/ServiceLogin?service=ah&continue=http://appname.appspot.com/_ah/login%3Fcontinue%3Dhttp://appname.appspot.com/admin&ltmpl=gm&ahname=App+Name&sig=65e70293a754da54fe06ecbedbb59213

This is after authentication and the URL was pulled out of firebug http://appname.appspot.com/_ah/login?continue=http://appname.appspot.com/admin&auth=DQAAAL0AAAD9X_Noig8blUlg_KA02UbjgBC2yWl8XKXIVA3SI5ZQ7pJOyL4SyYPpKu5jOLAw0ol0rSUVBENBMmWC2DkH6sTxx3AlSF4UI_LcByDlacBV3Fy1At80h_ML97fLeu0LLQbgzuLxY_wTHBb5svkCVDOeVABFKf98qvZ62SGl0PrDTxs1P3lCF04ooDdFilDecGUoED6hbnjd9P7-6eqxOO9nrBCSk571uyWZCLIA-1I5f3Om_MqAIPmi_5mqLXOSv0I

This is the final URL after the authentication but I'm not able to pull the token anymore http://appname.appspot.com/admin

This seems like a really simple problem and any help would be appreciated. Thanks.

from google.appengine.ext.webapp.util import run_wsgi_app
from google.appengine.api import users
from google.appengine.ext import webapp

import atom
import settings
import os
import urllib
import urllib2
import cookielib

import gdata.service
import gdata.auth
import gdata.alt.appengine
import gdata.calendar
import gdata.calendar.service


class Auth(webapp.RequestHandler):
    def __init__(self):
        self.calendar_client = gdata.calendar.service.CalendarService()
        gdata.alt.appengine.run_on_appengine(self.calendar_client)

def get(self):
    user = users.get_current_user()
    if user:
        token_request_url = None
        auth_token = gdata.auth.extract_auth_sub_token_from_url(self.request.uri)

        if auth_token:
            self.calendar_client.SetAuthSubToken(self.calendar_client.upgrade_to_session_token(auth_token))

        if not isinstance(self.calendar_client.token_store.find_token(
                'http://www.google.com/calendar/feeds/'),gdata.auth.AuthSubToken):
                token_request_url = gdata.auth.generate_auth_sub_url(self.request.uri,
                ('http://www.google.com/calendar/feeds/default/',))

        #This is where I were I would look for the token but the self.request.url
        # is only return http://appname.appspot.admin - with no token.  
        self.response.out.write(self.request.uri)

    else:
        self.redirect(users.create_login_url(self.request.uri))



def main():
    application = webapp.WSGIApplication([('/.*', Auth),], debug=True)
    run_wsgi_app(application)

if __name__ == '__main__':
    main()
+3  A: 

The login screen only authenticates the user to your application, it does not give you authorization to the user's gdata.

You will need to have the user authorize your use of the calendar api - I suggest through oauth here: http://code.google.com/apis/gdata/docs/auth/overview.html#OAuth.

You only need to do this once, and then store the oauth token for that user for all subsequent calls.

dar
Thanks for the clarification and pointing me in the right direction. The solution that I found that works for me is in http://code.google.com/apis/gdata/docs/auth/clientlogin.htmlThe solution was to call the client.ClientLogin(email,password, source=application_name) after I call gdata.calendar.service.CalendarService()
markkoberlein
While it is certainly possible to use the clientlogin method, some users will be wary of giving you their username and password. Should they change their password or email address you will need to ask for it again. But if you use the oauth or authsub approach you do not need to ask for the username and password if they change them as I understand it. Something to consider if you need to access the gdata api repeatedly.
dar
A: 

There are limitations about number of tokens outstanding - e.g. numbers of users possible. What about number of ClientLogin tokens outstanding?