Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Google Data API authentication

I am trying to get my Django app (NOT using Google app engine) retrieve data from Google Contacts using Google Contacts Data API. Going through authentication documentation as well as Data API Python client docs

First step (AuthSubRequest) which is getting the single-use token works fine. The next step(AuthSubSessionToken), which is upgrade single-use token to a session token. The python API call UpgradeToSessionToken() simply didn't work for me it gave me NonAuthSubToken exception:

gd_client = gdata.contacts.service.ContactsService()
gd_client.auth_token = authsub_token
gd_client.UpgradeToSessionToken() 

As an alternative I want to get it working by "manually" constructing the HTTP request:

url = 'https://www.google.com/accounts/AuthSubSessionToken'
headers = {
               'Content-Type': 'application/x-www-form-urlencoded',
               'Authorization': 'AuthSub token=' + authsub_token,
               'User-Agent': 'Python/2.6.1',
               'Host': 'https://www.google.com', 
               'Accept': 'text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2',
               'Connection': 'keep-alive',
           }
req = urllib2.Request(url, None, headers)
response = urllib2.urlopen(req)

this gives me a different error:

HTTP Error 302: The HTTP server returned a redirect error that would lead to an infinite loop. The last 30x error message was: Moved Temporarily

What am I doing wrong here? I'd appreciate help/advice/suggestions with either of the methods I am trying to use: Python API call (UpgradeToSessionToken) or manually constructing HTTP request with urllib2.

like image 522
Sergey Golovchenko Avatar asked Mar 30 '09 00:03

Sergey Golovchenko


People also ask

How do I authenticate my Google API?

User accounts With a user account, you can authenticate to Google APIs and services in the following ways: Use the gcloud CLI to set up Application Default Credentials (ADC). Use the gcloud CLI to generate access tokens. Use your user credentials to impersonate a service account.

Is OAuth Authn or Authz?

OAuth is an authorization protocol. It is not designed for authentication. Yes, there is a step in the OAuth process where the identity server authenticates a resource owner. The way it happens does not belong to the OAuth protocol.

Does Google OAuth use JWT?

Whether you use the JWT operations or the traditional operations that create opaque string tokens, the basic use of the OAuthV2 policy is the same. You can use JWT access tokens with all of the supported OAuthV2 grant types. See also Introduction to OAuth 2.0.

Is Google OAuth an API?

Google APIs use the OAuth 2.0 protocol for authentication and authorization. Google supports common OAuth 2.0 scenarios such as those for web server, client-side, installed, and limited-input device applications. To begin, obtain OAuth 2.0 client credentials from the Google API Console.


1 Answers

According to the 2.0 documentation here there is a python example set...

Running the sample code

A full working sample client, containing all the sample code shown in this document, is available in the Python client library distribution, under the directory samples/contacts/contacts_example.py.

The sample client performs several operations on contacts to demonstrate the use of the Contacts Data API.

Hopefully it will point you in the right direction.

like image 101
Michael Avatar answered Sep 19 '22 18:09

Michael