Best IT Recipes

How to access a authenticated Google App Engine service from a python client (not a website)?

I have a Google App Engine application - http://mylovelyapp.appspot.com/ He has a page - mylovelypage

At the moment, the page just does self.response.out.write('OK')

If I run the following Python on my computer:

 import urllib2 f = urllib2.urlopen("http://mylovelyapp.appspot.com/mylovelypage") s = f.read() print s f.close()

he prints ok

the problem is that i am adding login:required to this page in yaml application

then this will display the google account login HTML page

I tried the "normal" authentication approaches. eg.

 passman = urllib2.HTTPPasswordMgrWithDefaultRealm() auth_handler = urllib2.HTTPBasicAuthHandler() auth_handler.add_password(None, uri='http://mylovelyapp.appspot.com/mylovelypage', user='billy.bob@gmail.com', passwd='billybobspasswd') opener = urllib2.build_opener(auth_handler) urllib2.install_opener(opener)

But that doesn't matter - I still returned the login HTML page.

I tried the Google ClientLogin auth API , but I can't get it to work.

 h = httplib2.Http() auth_uri = 'https://www.google.com/accounts/ClientLogin' headers = {'Content-Type': 'application/x-www-form-urlencoded'} myrequest = "Email=%s&Passwd=%s&service=ah&source=DALELANE-0.0" % ("billy.bob@gmail.com", "billybobspassword") response, content = h.request(auth_uri, 'POST', body=myrequest, headers=headers) if response['status'] == '200': authtok = re.search('Auth=(\S*)', content).group(1) headers = {} headers['Authorization'] = 'GoogleLogin auth=%s' % authtok.strip() headers['Content-Length'] = '0' response, content = h.request("http://mylovelyapp.appspot.com/mylovelypage", 'POST', body="", headers=headers) while response['status'] == "302": response, content = h.request(response['location'], 'POST', body="", headers=headers) print content

It seems to me that I can get some token correctly, but trying to use it in the header when I call "mylovelypage" still returns me the HTML login page. :-(

Can someone please help?

Can I use the GData client library for this? From what I read, I think it should have access to App Engine applications, but I have not been more successful in getting the authentication working there for App Engine applications, and

Any pointers to samples, articles, or even just keywords that I should be looking to get me started would be greatly appreciated.

Thank!

+52
python authentication google-app-engine web-services
Sep 19 '08 at 13:19
source share
5 answers

appcfg.py, a tool that loads data into App Engine, must do just that in order to authenticate with the App Engine server. The corresponding functionality is abstracted on appengine_rpc.py. In a nutshell, the solution:

  • To get the authentication token, use the Google ClientLogin API . appengine_rpc.py does this in _ GetAuthToken
  • Send the authorization token to the special URL of the App Engine application. This page then returns the cookie and redirect 302. Ignore the redirect and save the cookie. appcfg.py does this in _ GetAuthCookie
  • Use the returned cookie in all future requests.

You can also look at _ Authenticate to find out how appcfg handles various return codes from ClientLogin and _ GetOpener to find out how appcfg creates urlib2 OpenerDirector that does not perform HTTP redirects. Or you could just use the AbstractRpcServer and HttpRpcServer classes in bulk, as they do almost everything you need.

+39
Sep 19 '08 at 14:55
source share

thanks to Arachnid for the answer - he worked as suggested

here is a simplified copy of the code if it is useful for the next person to try!

 import os import urllib import urllib2 import cookielib users_email_address = "billy.bob@gmail.com" users_password = "billybobspassword" target_authenticated_google_app_engine_uri = 'http://mylovelyapp.appspot.com/mylovelypage' my_app_name = "yay-1.0" # we use a cookie to authenticate with Google App Engine # by registering a cookie handler here, this will automatically store the # cookie returned when we use urllib2 to open http://currentcost.appspot.com/_ah/login cookiejar = cookielib.LWPCookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookiejar)) urllib2.install_opener(opener) # # get an AuthToken from Google accounts # auth_uri = 'https://www.google.com/accounts/ClientLogin' authreq_data = urllib.urlencode({ "Email": users_email_address, "Passwd": users_password, "service": "ah", "source": my_app_name, "accountType": "HOSTED_OR_GOOGLE" }) auth_req = urllib2.Request(auth_uri, data=authreq_data) auth_resp = urllib2.urlopen(auth_req) auth_resp_body = auth_resp.read() # auth response includes several fields - we're interested in # the bit after Auth= auth_resp_dict = dict(x.split("=") for x in auth_resp_body.split("\n") if x) authtoken = auth_resp_dict["Auth"] # # get a cookie # # the call to request a cookie will also automatically redirect us to the page # that we want to go to # the cookie jar will automatically provide the cookie when we reach the # redirected location # this is where I actually want to go to serv_uri = target_authenticated_google_app_engine_uri serv_args = {} serv_args['continue'] = serv_uri serv_args['auth'] = authtoken full_serv_uri = "http://mylovelyapp.appspot.com/_ah/login?%s" % (urllib.urlencode(serv_args)) serv_req = urllib2.Request(full_serv_uri) serv_resp = urllib2.urlopen(serv_req) serv_resp_body = serv_resp.read() # serv_resp_body should contain the contents of the # target_authenticated_google_app_engine_uri page - as we will have been # redirected to that page automatically # # to prove this, I'm just gonna print it out print serv_resp_body
+34
Sep 19 '08 at 16:22
source share

for those who cannot get ClientLogin to work, try the OAuth support application.

+1
Jan 27 '11 at 6:59 a.m.
source share

I'm not too familiar with AppEngine or Googles web apis, but for brute-force approach you can write a script with something like mechanize ( http://wwwsearch.sourceforge.net/mechanize/ ) to just go through the login process before you begin to do real customer work.

0
Sep 19 '08 at 14:16
source share

I am not a python expert or an application engine expert. But did you try a sample appl at http://code.google.com/appengine/docs/gettingstarted/usingusers.html . I created it at http://quizengine.appspot.com , it worked great with Google Authentication and everything else. Just a suggestion, but look at the getting started guide. Calm down if the sentence sounds naive. :) Thank you.

-one
Sep 19 '08 at 14:16
source share


More articles:


All Articles