如何从一个（非Web）Python客户端访问身份验证的谷歌应用程序引擎服务？ [英] How do you access an authenticated Google App Engine service from a (non-web) python client?

问题描述

我有一个谷歌App Engine应用程序 - http://mylovelyapp.appspot.com/
它有一个页面 - mylovelypage

I have a Google App Engine app - http://mylovelyapp.appspot.com/ It has a page - mylovelypage

目前，网页少了点 self.response.out.write（'OK'）

如果我运行下面的Python我的电脑：

If I run the following Python at my computer:

import urllib2
f = urllib2.urlopen("http://mylovelyapp.appspot.com/mylovelypage")
s = f.read()
print s
f.close()

它打印OK

问题是如果我添加登录：需要此页面中应用程序的YAML

the problem is if I add login:required to this page in the app's yaml

那么这个打印出的谷歌帐户登录页面的HTML

then this prints out the HTML of the Google Accounts login page

我试过正常的身份验证方法。例如。

I've tried "normal" authentication approaches. e.g.

passman = urllib2.HTTPPasswordMgrWithDefaultRealm()

auth_handler = urllib2.HTTPBasicAuthHandler()
auth_handler.add_password(None,
                          uri='http://mylovelyapp.appspot.com/mylovelypage',
                          user='billy.bob@gmail.com',
                          passwd='billybobspasswd')
opener = urllib2.build_opener(auth_handler)
urllib2.install_opener(opener)

但它没有什么区别 - 我仍然获得登录页面的HTML回

But it makes no difference - I still get the login page's HTML back.

我试过谷歌的ClientLogin的权威性API ，但我不能得到它的工作。

I've tried Google's ClientLogin auth API, but I can't get it to work.

h = httplib2.Http()

auth_uri = 'https://www.google.com/accounts/ClientLogin'
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
myrequest = "Email=%s&Passwd=%s&service=ah&source=DALELANE-0.0" % ("billy.bob@gmail.com", "billybobspassword")
response, content = h.request(auth_uri, 'POST', body=myrequest, headers=headers)

if response['status'] == '200':
    authtok = re.search('Auth=(\S*)', content).group(1)

    headers = {}
    headers['Authorization'] = 'GoogleLogin auth=%s' % authtok.strip()
    headers['Content-Length'] = '0'

    response, content = h.request("http://mylovelyapp.appspot.com/mylovelypage", 
                                  'POST', 
                                  body="", 
                                  headers=headers)

    while response['status'] == "302":        
        response, content = h.request(response['location'], 'POST', body="", headers=headers) 

    print content

我似乎能够正确地得到一些道理，但尝试当我打电话mylovelypage仍然只是回到我的登录页面的HTML使用它的头。 :-(

I do seem to be able to get some token correctly, but attempts to use it in the header when I call 'mylovelypage' still just return me the login page's HTML. :-(

谁能帮助吗？

我能使用的GData客户端库做这样的事情？从
我读过，我想应该能够访问App Engine应用，
但我一直没有什么更大的成功在得到认证的App Engine的东西在那里工作或者

Could I use the GData client library to do this sort of thing? From what I've read, I think it should be able to access App Engine apps, but I haven't been any more successful at getting the authentication working for App Engine stuff there either

来样，文章，甚至只是关键字的任何指针应该是我
寻找让我开始，将非常AP preciated。

Any pointers to samples, articles, or even just keywords I should be searching for to get me started, would be very much appreciated.

谢谢！

推荐答案

appcfg.py的工具，上传数据到App Engine要做的正是这一点本身与App Engine的服务器进行身份验证。相关功能被抽象成appengine_rpc.py。概括地说，解决的办法是：

appcfg.py, the tool that uploads data to App Engine has to do exactly this to authenticate itself with the App Engine server. The relevant functionality is abstracted into appengine_rpc.py. In a nutshell, the solution is:

1. 使用谷歌的ClientLogin API 以获得身份验证令牌。 appengine_rpc.py做到这一点的<一个href=\"http://$c$c.google.com/p/googleappengine/source/browse/trunk/python/google/appengine/tools/appengine%5Frpc.py#180\">_GetAuthToken


2. 发送身份验证令牌到一个特殊的URL在你的App Engine应用程序。该网页然后返回一个cookie和302重定向。忽略重定向并存储的cookie。 appcfg.py做到这一点的<一个href=\"http://$c$c.google.com/p/googleappengine/source/browse/trunk/python/google/appengine/tools/appengine%5Frpc.py#228\">_GetAuthCookie


3. 使用返回的cookie在今后所有的请求。

1. Use the Google ClientLogin API to obtain an authentication token. appengine_rpc.py does this in _GetAuthToken
2. Send the auth token to a special URL on your App Engine app. That page then returns a cookie and a 302 redirect. Ignore the redirect and store the cookie. appcfg.py does this in _GetAuthCookie
3. Use the returned cookie in all future requests.

您可能也想看看<一个href=\"http://$c$c.google.com/p/googleappengine/source/browse/trunk/python/google/appengine/tools/appengine%5Frpc.py#253\">_Authenticate,看到appcfg如何处理各种收益codeS由ClientLogin的，而<一href=\"http://$c$c.google.com/p/googleappengine/source/browse/trunk/python/google/appengine/tools/appengine%5Frpc.py#397\">_GetOpener,看到appcfg如何创造一个不遵循HTTP重定向的urllib2 OpenerDirector。或者你可以，其实，只需使用AbstractRpcServer和HttpRpcServer类批发，因为他们做的pretty多少你需要的一切。

You may also want to look at _Authenticate, to see how appcfg handles the various return codes from ClientLogin, and _GetOpener, to see how appcfg creates a urllib2 OpenerDirector that doesn't follow HTTP redirects. Or you could, in fact, just use the AbstractRpcServer and HttpRpcServer classes wholesale, since they do pretty much everything you need.

这篇关于如何从一个（非Web）Python客户端访问身份验证的谷歌应用程序引擎服务？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！