1

I'm running several apps on Google App Engine. I am using the UserService for Authentication to be able to send emails on behalf of the user etc. and OAuth2 for API authorization.

I am now trying to publish the apps on the Google Apps Marketplace, but I received an email telling me it is required to use OAuth2 for authentication.

As I am just using the supported Google stack I assume there is a way to meet the requirements for publishing my apps on the Google Apps Marketplace but right now I'm stuck.

jonathanberi
  • 1,867
  • 1
  • 14
  • 24
dflorey
  • 1,828
  • 3
  • 19
  • 31

2 Answers2

1

This is similar to another question. The challenge is that the User service is using still using OpenID. You'll need to use a Client library to authenticate the user.

Here are good samples in Python & Java.

Community
  • 1
  • 1
jonathanberi
  • 1,867
  • 1
  • 14
  • 24
  • But how can I send out emails *on behalf of the user* then? This requires that the user is logged in using the UserService. – dflorey Feb 20 '14 at 18:38
  • Than what your looking for is [Service Accounts](https://developers.google.com/apps-marketplace/building#using_google_services_from_a_web_server_app_with_offline_access) with OAuth2. There is a detailed walkthrough for [Drive](https://developers.google.com/drive/web/delegation) that you should be able to build upon. – jonathanberi Feb 20 '14 at 18:51
  • First of all: Thanks a lot for taking care. But I don't see how ServiceAccounts can help me to login to App Engine as an authenticated user to be able to send emails as the logged in user. Do you have an example for that? – dflorey Feb 20 '14 at 23:52
  • @jonathanberi, to clarify, are you saying that UserService should not be used at all? For some context, I'm currently using UserService.createLoginUrl() to log the user into my app then initiating the oauth2 flow to get/set appropriate oauth2 tokens. Benefit of using UserService is that I have easy access to functions like isLoggedIn(), isAdmin(), etc. for the currently logged in user. I'm hoping I can continue to use these functions... Thanks! – djpark Jul 09 '14 at 04:32
0

Currently we use Openid 2.0 for user authentication and Oauth for authorization of other services. Openid 2.0 is deprecated and Google will not provide authentication using Open Id. For time line refer this link https://developers.google.com/+/api/auth-migration#timetable

So they are suggesting to use OpenidConnect for authentication of user. OpenIdConnect is a layer written over Oauth 2.0 for authentication of user.

For references visit http://openid.net/connect/ and https://developers.google.com/accounts/docs/OAuth2Login?hl=ja#appsetup

Bharathi
  • 451
  • 1
  • 6
  • 17