为什么Google App Engine在登录过程中为我的“继续”位置追加路径？ [英] Why does Google App Engine append a path to my 'continue' location during login?

问题描述

我使用Greasemonkey脚本中的一个非常简单的GAE实例。这在过去的几个月中运行良好，但现在一个路径被追加到最终的'continue'位置，这为我打破了登录过程。

基本工作流程假设用户已登录他的Google帐户，但他的GAE实例标记已超时：

1. 用户打开页面A GM脚本运行并尝试使用GM_xmlhttpRequest（）访问GAE实例。


2. GAE实例返回login_needed |< loginurl>中。 GM脚本提取loginurl并在其上设置 window.location 。


3. 用户被重定向到loginurl并最终返回到A 。然而，这一次，实际数据是由GM_xmlhttpRequest（）返回的。
   




最后一步不再起作用，因为用户是现在重定向到loginurl 加上一些，它在目标网站上给出了一个404。





GAE代码只有大约一半的代码屏幕。认证相关的代码是这样的：

pre $ 如果不是users.get_current_user（）：
self.response.headers ['内容类型'] ='text / plain'
self.response.out.write（'login_needed |'+ users.create_login_url（self.request.get（'uri'）））


请求顺序如下，全部由重定向引起：





• GET https://mygaeinstance.appspot.com/?uri=https://targetsite.com/


• GET https://www.google.com/accounts/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttps://targetsite.com/ & ltmpl = gm& ahname = MyGAEInstance& sig =< some sig>


• GET https://appengine.google.com/_ah/conflogin？继续= https％3A％2F％2Ftargetsite.com％2F& pli = 1& auth =<一些base64授权令牌>


• GET https：// targetsite.com/_ah/conflogin?state=<some base64 state>






targeite.com不喜欢该路径，正如您所看到的，它并不在最初传递给appengine.google的continue参数中.com，它只是https://targetsite.com/。我做错了什么，我该如何解决这个问题？

解决方案

最近对App Engine的登录流的更改创建了一个问题，即在应用自己的域名之外使用持续网址的登录信息会导致错误的重定向，例如您正在观察的重定向。




我们正在努力修复这个。与此同时，解决方法是在您自己的应用程序上设置重定向处理程序。将该参数设置为continue参数的目标，并将其最终重定向发送到您的实际目标。




I'm using a very simple GAE instance from a Greasemonkey script. This worked fine for the last months, but now a path is appended to the final 'continue' location, which breaks the login process for me.

The basic workflow, under the assumption that the user is logged into his Google Account, but his token for the GAE instance has timed out:

1. User opens page A with the GM script installed.
2. The GM script runs and tries to access the GAE instance with a GM_xmlhttpRequest().
3. The GAE instance returns "login_needed|<loginurl>". The GM script extracts the loginurl and sets window.location on it.
4. The user is redirected to the loginurl and eventually back to A. However, this time, actual data is returned by the GM_xmlhttpRequest().

The last step no longer works, as the user is now redirected to the loginurl plus some, which gives a 404 on the target site.

The GAE code is just about half a screen of code. The authentication relevant code is this:

if not users.get_current_user():
    self.response.headers['Content-Type'] = 'text/plain'
    self.response.out.write('login_needed|'+users.create_login_url(self.request.get('uri')))

The sequence of requests is as follows, all caused by redirects:

• GET https://mygaeinstance.appspot.com/?uri=https://targetsite.com/
• GET https://www.google.com/accounts/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttps://targetsite.com/&ltmpl=gm&ahname=MyGAEInstance&sig=<some sig>
• GET https://appengine.google.com/_ah/conflogin?continue=https%3A%2F%2Ftargetsite.com%2F&pli=1&auth=<some base64 auth token>
• GET https://targetsite.com/_ah/conflogin?state=<some base64 state>

targetsite.com doesn't like that path and as you can see, it wasn't in the initial 'continue' argument passed to appengine.google.com, which was just "https://targetsite.com/". What did I do wrong and how can I fix this?

解决方案

A recent change to our login flow for App Engine has created an issue whereby a login with a continue URL that's outside the app's own domain will result in an erroneous redirect such as the one you're observing.

We're working on fixing this. In the meantime, a workaround is to set up a redirect handler on your own app. Make that the target of the continue parameter, and have it send a final redirect to your actual target.

这篇关于为什么Google App Engine在登录过程中为我的“继续”位置追加路径？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！