Our web application does not offer Google Accounts authentication. We have implemented our own authentication using WebApp2 Authentication: http://webapp-improved.appspot.com/tutorials/auth.html.
We'd like to use Cloud Endpoints as an API for mobile apps/third party developers but we would still like to use oAuth2 for authentication.
What are the steps required to implement this? Do we need to setup our own oAuth server on AppEngine and will the Google client libraries be compatible?
你不必做任何事情。我在 app-engine 上有一个联合登录应用程序,我最近在其中添加了一个使用 Cloud Endpoints 的 Android 应用程序。您不必做任何特别的事情,只需将 User 参数放入您的函数中。在用户对象中,您将找到您必须授权才能访问数据的用户电子邮件。
@Api(name = "my_api",
version = "v1",
scopes = {"https://www.googleapis.com/auth/userinfo.email"},
clientIds = {Constants.AUTH_CLIENT,
Constants.AUTH_CLIENT_APIEXPLORER})
public class MyEndpoint {
@ApiMethod(name = "fistEndpoint")
public ResponseObject fistEndpoint(User user) throws OAuthRequestException {
if (user == null) {
throw new OAuthRequestException("Access denied!");
}
String email = user.getEmail();
//Authorize the request here
//make the ResponseObject and return it
}
}
创建端点后访问: https ://your-app.appspot.com/_ah/api/explorer并对其进行测试
更新: 上面的示例仅限于 Google 帐户。如果您想要不同类型的帐户,可以查看这篇文章: Google Cloud Endpoints 的自定义身份验证(而不是 OAuth2)
Google Cloud Endpoints 是无状态的,因此如果您不使用 Google 身份验证,则无法将用户电子邮件检索到端点中。
实际上,端点只是 http 请求,因此您可以将您的信息传递给 http 授权,就像承载一样。您可以完全访问这些端点信息。
我希望它会帮助你。