Here is what I'm trying to do:
I want to be able to finish the "OAuth token dance" and gain an access token so I can then use that to connect to googles IMAP api for a user.
Here are my problems:
I feel like I've tried almost everything. I've tried using the GDClient, GDataService, and Django Social Auth OAuth clients but I still come up empty. I've ran into scenarios where google would build the authorization url but the initial request token returns empty, preventing me from being able to gain an access token (that happened while I was using the GDataClient).
Here is what I would like to have:
A complete resource/tutorial/sample of how to gain an access token from google using OAuth or OAuth2.0. I'm pretty sure I can work the IMAP API out on my own. I am using the django framework, but I'm willing to switch from that if there is a better option.
Note: google does have good information in their documentation but i feel like it is too scrambled at the moment. I found myself mixing OAuth and OAuth2.0 because of it.
Any help is greatly appreciated. I will personally consider anyone who has pulled off google authentication using OAuth or OAuth2.0 awesome, because you would have to be if you used the documentation I have come across.
Sample
def index(request):
scopes = ['https://docs.google.com/feeds/','https://www.google.com/calendar/feeds/']
client = gdata.docs.client.DocsClient(source='Trinity-EmailManager-v1')
client.ssl = True
client.http_client.debug = True
oauth_callback_url = settings.GOOGLE_CALLBACK_URL
request_token = client.GetOAuthToken(
scopes, oauth_callback_url, settings.GOOGLE_CONSUMER_KEY, consumer_secret=settings.GOOGLE_CONSUMER_SECRET)
return HttpResponse(request_token)
With some Google APIs, you can make authorized API calls using a signed JWT instead of using OAuth 2.0, which can save you a network request. See Addendum: Service account authorization without OAuth.
OAuth 2.0, which stands for “Open Authorization”, is a standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user. It replaced OAuth 1.0 in 2012 and is now the de facto industry standard for online authorization.
I haven't done it in django, but I did patch OpenID using Google exclusively into a Pylons project. I just used Python OpenID. Its been a few months since I set that up, but I seem to remember the Google Documentation and the Documentation for the OpenID package to be reasonable to get me through it, although it took quite a bit to get over a few of the hurdles. If I remember correctly, the biggest problem was getting Google to give me back the data I wanted, which was in setting up the AX Requests properly.
In the model I was using, you set up the Authentication request, present a link to the user, and it calls back to your page. The consumer object from the OpenID package was able to take the redirect from Google and parse it just fine then.
Can you be a little more specific about what is going on? You mention that the request token was empty, which I handle by assuming an issue with the authentication. Are you getting no response at all?
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With