I want to make a multi-user client-server solution with Java Swing thick client as a front-end and Google AppEngine (Java one) as a back-end.
The problem is that GAE provides only web-based forms for logging in and out, so there's no trivial way to employ Google Accounts features in a thick client.
Can you give some advices/hints/ideas on how to allow a thick client login to and logout from a GAE webapp?
There is a way for client apps to authenticate against Google Accounts, but I don't know if the token you receive can be passed back to AppEngine. See: ClientLogin for Installed Applications
I am sorry, I can only answer you indirectly. It is possible to log in to an app on appspot.com with a Google account. You just have to do everything a browser would, including keeping some cookies and contacting several servers as they bounce you around.
I played around with this for a stillborn project a couple of months ago and ended up with a shell script that mostly runs cURL to log in. Perhaps you could take from it what you need.
#!/bin/bash
my_app="set-this-to-my-app-id"
url="http://$my_app.appspot.com"
curl='curl --cookie-jar cookies'
if [ -z "$EMAIL" -o -z "$PASS" ]; then
echo -n 'Email: '
read EMAIL
echo -n 'Pass: '
read PASS
fi
rm -f cookies auth
echo 'Login'
$curl https://www.google.com/accounts/ClientLogin --output auth \
-d "Email=$EMAIL" -d "Passwd=$PASS" \
-d accountType=HOSTED_OR_GOOGLE \
-d source=$my_app \
-d service=ah
. auth # XXX Be careful here. The output of the above
# command happens to be Bash syntax too!
rm -f auth
echo 'Logging into app and getting cookie'
$curl "$url/_ah/login?continue=$url/console/&auth=$Auth"
echo
echo 'Example POST query'
$curl -X POST --cookie cookies "$url/some/path" -d 'foo=bar'
echo
rm -f cookies
as suggested by @Jason DeFontes the ClientLogin authorization process is addressing this issue.
as a minimal-effort alternative approach, you could embed the web-based (html) forms into your thick client, i.e. use a java component that supports html-rendering (like a JEditorPane
with an HTMLEditorKit
installed) and present this component inside your swing app -- at least users would not need to switch back-and-forth between your app and the browser this way.