Admin SDK and 2 Legged OAuth

Posted 2019-04-16 13:04

Question:

Has anyone had any luck getting 2 Legged OAuth working with the Admin SDK and Python?

The only thing I can see in the docs at https://developers.google.com/admin-sdk/directory/v1/guides/authorizing about 2LO is the following:

"If your application has certain unusual authorization requirements, such as logging in at the same time as requesting data access (hybrid) or domain-wide delegation of authority (2LO), then you cannot currently use OAuth 2.0 tokens. In such cases, you must instead use OAuth 1.0 tokens and an API key. You can find your application's API key in the Google APIs Console, in the Simple API Access section of the API Access pane."

In searching Google's site, I am able to find examples of using 2LO with the gdata libraries but nothing about using it with the newer SDKs...

If someone can point me to the right set of docs - or an example of how to use 2LO w/ the new SDK - it would be appreciated.

Thanks

Answer 1:

The new Admin SDK Directory and Reports APIs support OAuth 1.0 authentication including 2-legged OAuth. However, the Google API Python Client library has removed OAuth 1.0 support.

If possible, you should upgrade to OAuth 2.0 and (possibly) Service Accounts (2-legged replacement) for your application.

I did have an Apps Marketplace app that I wanted to use the Directory API with, but Marketplace is still 2-legged OAuth only. I managed to get the Directory API working with 2-legged using the gdata library to authenticate and low-level POST / GET library calls. A quick example:

Get user in Google Apps using 2LO, Admin API and old GData library:

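```python
import json
import gdata.client
import gdata.gauth

# two_legged (consumer key and secret) and user_email are defined elsewhere.
gapps = gdata.client.GDClient()
gapps.ssl = True
# Sign every request with HMAC-SHA1 on behalf of user_email.
gapps.auth_token = gdata.gauth.TwoLeggedOAuthHmacToken(two_legged.key, two_legged.secret, user_email)
uri = 'https://www.googleapis.com/admin/directory/v1/users/%s' % user_email
user_results = gapps.request(method='GET', uri=uri)
user_json = json.loads(user_results.read())
```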

A better way to do this might be to utilize the old GData library to generate the needed 2-legged OAuth headers, then rip those headers out and stick them into discovery objects generated by the new Google API library, but I've not yet worked out what that would look like. It shouldn't be terribly hard though.
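
Added example (not part of the original answer, and not gdata or Google code): a standard-library sketch of how a 2-legged OAuth 1.0 `Authorization` header is computed with HMAC-SHA1 per RFC 5849, to show what the signing step involves. It assumes the impersonated user is sent as an `xoauth_requestor_id` query parameter; the function names and all sample values are constructed for illustration.

```python
import base64
import hashlib
import hmac
import secrets
import time
from urllib.parse import quote, urlencode


def pct_encode(value):
    # RFC 5849 section 3.6: percent-encode everything except unreserved characters.
    return quote(str(value), safe="-._~")


def signature_base_string(method, base_url, params):
    # Parameters are encoded, sorted and joined, then encoded again as one string.
    pairs = sorted((pct_encode(k), pct_encode(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct_encode(base_url), pct_encode(normalized)])


def sign_two_legged(method, base_url, consumer_key, consumer_secret,
                    requestor_id, nonce=None, timestamp=None):
    """Return (url, Authorization header) for a 2LO request (no access token)."""
    oauth = {
        "oauth_consumer_key": consumer_key,
        "oauth_nonce": nonce or secrets.token_hex(16),
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(timestamp or int(time.time())),
        "oauth_version": "1.0",
    }
    query = {"xoauth_requestor_id": requestor_id}  # assumed: user being impersonated
    base = signature_base_string(method, base_url, {**oauth, **query})
    # 2-legged: there is no token secret, so the HMAC key is "<consumer_secret>&".
    key = f"{pct_encode(consumer_secret)}&".encode()
    digest = hmac.new(key, base.encode(), hashlib.sha1).digest()
    oauth["oauth_signature"] = base64.b64encode(digest).decode()
    header = "OAuth " + ", ".join(f'{k}="{pct_encode(v)}"' for k, v in sorted(oauth.items()))
    return f"{base_url}?{urlencode(query, quote_via=quote)}", header


if __name__ == "__main__":
    # Constructed sample values; a real consumer secret belongs in a secret store.
    url, auth = sign_two_legged(
        "GET", "https://www.googleapis.com/admin/directory/v1/users/alice@example.com",
        "example.com", "constructed-secret", "admin@example.com",
        nonce="abc123", timestamp=1366000000)
    print(url)
    print(auth)
```

Because the consumer secret alone is enough to sign a request as any `xoauth_requestor_id` in the domain, it needs the same handling as a domain-wide admin credential.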