GAE客户端上使用OAuth 2.0（认证）令牌 [英] Using OAuth 2.0 (Authentication) token on GAE client

问题描述

我正在寻找一个将最好的方式提供担保，以我的客户[Web的Java脚本/暴徒Android应用]，从而使用户授权/机器只能访问我的应用程序。而在谷歌搜索我发现，我的授权可以使用OAuth 2.0可从谷歌，

I am searching for the a best way to provide security to my clients [web-java script/mob-android app],so that authorize users/machine can only have access to my app. While searching on google I found that for authorization I can use OAuth 2.0 available from google ,

[1]是adviceable要使用OAuth 2.0？

[1] is it adviceable to use OAuth 2.0?

在OAuth 2.0用户在首先我们必须使用谷歌控制台，并可以使用它来创建客户端的令牌在Java脚本客户端，客户端ID <一个href=\"https://developers.google.com/appengine/docs/java/endpoints/consume_js#Java_Adding_authentication_support_with_OAuth_20\"相对=nofollow>给这里

In OAuth 2.0 during first we have to create a token for client using google console and can use that client id in java script client give here

[2]在哪里令牌存储在Web客户端？

[2] On web Client where does token stored?

在开发者网站他们给了

You should write your code to anticipate the possibility that a granted token might no longer work. A token might stop working for one of these reasons:

The user has revoked access.
The token has not been used for six months.
The user account has exceeded a certain number of token requests.
There is currently a 25-token limit per Google user account. If a user account has 25 valid tokens, the next authentication request succeeds, but quietly invalidates the oldest outstanding token without any user-visible warning.

If you need to authorize multiple programs, machines, or devices, one workaround is to limit the  number of clients that you authorize per user account to 15 or 20. If you are a Google Apps admin, you can create additional admin users and use them to authorize some of the clients.

使用OAuth2.0的，我需要有古尔，Facebook帐户或由我自定义的域帐户说www.mysite.com/usr1我可以验证？

Using oAuth2.0 I need to have goole,facebook account or from my custom domain account say www.mysite.com/usr1 i can authenticate ?

问题

[3]一旦令牌是我们可以控制它的续航时间（如何？）产生的或过期只有六个个月后？

[3] Once token is generated can we control its life time(How?) or it expires only after six month?

[4]为每个谷歌帐户的用户，我可以生成25令牌或我的谷歌
      帐户（帐户我用来创建控制台项目），我可以生成25令牌？

[4] for each google account user I can generate 25 tokens or for my google account(Account I used to create console project ) I can generate 25 tokens?

[5]可同样用于多个web客户端用户？

[5] can same token be used for multiple web client users?

访问令牌具有有限的寿命。如果应用程序需要访问谷歌API超越了单一的访问令牌的寿命，它可以获取刷新令牌。刷新令牌允许应用程序，以获得新的访问令牌。

Access tokens have limited lifetimes. If your application needs access to a Google API beyond the lifetime of a single access token, it can obtain a refresh token. A refresh token allows your application to obtain new access tokens.

[6]因为我已经从控制台生成的访问令牌是一样的吗？

[6] Is Access tokens is the same as I have generated from the console?

这是我在哪里可以得到刷新令牌[7]？

[7] from where can I get A refresh token?

任何帮助将AP preciated！

any help will be appreciated!!!

在此先感谢

推荐答案

我使用OAuth，的OAuth2和OpenID在我的GAE Python应用程序验证我的用户，是不是实现柠简单，但对于游客柠有用而简单。

I use oauth, oauth2 and openid to authenticate my user on my GAE python application, is not verry simple to implement but is verry useful and simple for the visitor.

在第一个可以使用的OAuth 2.0操场上，试图通过OAuth玩： https://developers.google .COM / oauthplayground /

In first you can use the oauth 2.0 playground to try and play with oauth: https://developers.google.com/oauthplayground/

1. YES！


2. 在一个饼干。要保护用户，我建议使用CloudFlare的亲得到一个HTTPS URL与您的域名。成本相比非常低买证书，你有在多的服务来加速你的应用程序。


3. 在Python中，你可以定义的续航时间，在JAVA我想是一样的。


4. 标记有效的寿命和特定域。


5. 看点4.您可以请求更新令牌。


6. 我不know.Test与游乐场的工具。


7. 我不明白你的问题。如果你的应用需要从供应商请求数据和令牌已过期，你需要使用刷新键，请求一个新的令牌。

有关信息，但对于Python，我请你看看这个库： https://github.com/scotch/ engineauth

For information but for Python, I invite you to see this library: https://github.com/scotch/engineauth

这篇关于GAE客户端上使用OAuth 2.0（认证）令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！