4

Context

I'm in the process of migrating a Google App Engine app written in Java over from using OpenId/OAuth1 to OAuth2. I've got the OAuth2 flow working and am able to correctly retrieve/store the tokens for the user.

Issue

The existing authentication logic in the app is on the complex side and leverages the UserService class in the Google App Engine SDK for various functions such as createLoginUrl(), isLoggedIn(), getCurrentUser(), getIsAdmin() and getEntry().

I've seen various posts on Google documentation, blogs, and SO giving examples of UserService being used with OAuth2. I've also seen various posts saying that UserService shouldn't be used given that it's based on OpenId. I haven't been able to find any official documentation from Google stating how to best migrate from using UserService functionality (e.g. should I be creating my own layer on top of the Users/Directory API's to simulate UserService functions?).

The primary concern I have is that UserService will stop working when Google fully deprecates and removes support for OAuth1/OpenId so need to resolve this question before deciding on an implementation approach.

Does anyone have any official guidance on how to handle this scenario? Thanks in advance.

Community
  • 1
  • 1
djpark
  • 181
  • 1
  • 10
  • I'm also interested in this. http://stackoverflow.com/questions/24730568/use-oauth2-for-authentication-compatibility-with-google-appengine-api-users-se I hope Google has plans on providing AppEngine customers a clear migration path, especially with the [deadline](https://developers.google.com/+/api/auth-migration#timetable) being so close. – john2x Jul 15 '14 at 07:21
  • @john2x, I posted a link to this question on the Google+ group discussion for marketplace development. Might be worth +1/commenting to give it some more visibility since our questions are related. https://plus.google.com/114965413919402687520/posts/TnHEyvadmrK – djpark Jul 15 '14 at 16:10
  • I got an answer on my question, but I haven't read it completely yet. Maybe it would help you. http://stackoverflow.com/questions/24730568/use-oauth2-for-authentication-compatibility-with-google-appengine-api-users-se – john2x Jul 16 '14 at 10:26
  • 2
    Thanks john2x. I also reached out to Google support about this issue and here's their response. "Unfortunately there is no clear migration path for this scenario you need to follow other available guides and make differences to your own scenario. Basically, you need to reimplement the functionality of the UserService on your own and then migrate your current users. I am sorry I can not assist you further with this at this stage." – djpark Jul 21 '14 at 17:28

0 Answers0