Using OAuth2 on GAE in python

2019-05-31 23:14发布

站内问答 / Python
801 1 4

I'm trying to create a GAE app in which a user can visit the appspot domain, be authorized (or not) using OAuth2 and then have one of their Google spreadsheets modified in an automated way using gdata.spreadsheet.service. I've gotten this to work using SignedJwtAssertionCredentials, but in that case the user must specifically allow editing from the app; I'm trying to skip this step, and have the app modify the user's spreadsheet from their own account using OAuth2.

The documentation provided by Google says that decorators are the easiest way to accomplish this, doing something like this:

from apiclient.discovery import build
from google.appengine.ext import webapp
from oauth2client.appengine import OAuth2Decorator

decorator = OAuth2Decorator(
  client_id='your_client_id',
  client_secret='your_client_secret',
  scope='https://www.googleapis.com/auth/calendar')

service = build('calendar', 'v3')

...

  @decorator.oauth_required
  def get(self):
    # Get the authorized Http object created by the decorator.
    http = decorator.http()
    # Call the service using the authorized Http object.
    request = service.events().list(calendarId='primary')
    response = request.execute(http=http)

but I have no idea what to the do with this service object to accomplish my goal with the spreadsheet modification. Any general tips or specific tips on how to work with the service object would be helpful.

1条回答
Viruses.
2楼-- · 2019-05-31 23:45

In the provided example you're constructing a calendar service using Google Calendar API, which is not GData based API. For GData based API's you'll have to use gdata.gauth instead.

Please note that gdata.spreadsheet.service will not work with gdata.gauth as it only supports deprecated ClientLogin (check the SpreadsheetsService constructor available at [1]). You should use gdata.spreadsheets.client instead.

Complete SpreadsheetsClient documentation is available at [2]. You may consider this example where a worksheet is added to the spreadsheet:

import webapp2
import cgi
import atom.data
import gdata.data
import gdata.spreadsheets.client

from oauth2client.client import OAuth2WebServerFlow

SCOPE = 'https://spreadsheets.google.com/feeds'

flow = OAuth2WebServerFlow(
  client_id='your_client_id',
  client_secret='your_client_secret',
  scope=SCOPE,
  redirect_uri='https://your_app.appspot.com/oauth2callback',
  response_type='code')


class OAuthCalback(webapp2.RequestHandler):
    def get(self):
        # Get auth code
        auth_code = cgi.escape(self.request.get('code'))

        # Exchange auth code for credentials
        credentials = flow.step2_exchange(auth_code)

        # Get token from credentials
        auth2token = gdata.gauth.OAuth2Token(client_id=credentials.client_id,
          client_secret=credentials.client_secret,
          scope=SCOPE,
          access_token=credentials.access_token,
          refresh_token=credentials.refresh_token,
          user_agent='AppEngine-Google;(+http://code.google.com/appengine; appid: your_app_id)')

        # Construct client
        spreadsheets_client = gdata.spreadsheets.client.SpreadsheetsClient(source='https://your_app.appspot.com', auth_token=auth2token)

        # Authorize it
        auth2token.authorize(spreadsheets_client)

        # Spreadsheet key
        key = 'your_spreadsheet_key'

        # Add worksheet to the spreadsheet
        entry = spreadsheets_client.add_worksheet(key, 'test', 7, 10)


class MainHandler(webapp2.RequestHandler):
    def get(self):
        # Get url to start authorization
        auth_url = flow.step1_get_authorize_url()

        # Render link
        content = '<a style="display:inline" href="' + auth_url + ' "target="_blank">Authorize</a>'
        self.response.out.write(content)


app = webapp2.WSGIApplication([('/', MainHandler),
                                ('/oauth2callback', OAuthCalback),
                                ], debug=True)

And regarding OAuth, I would use OAuth2WebServerFlow instead (See [3] for more information). Credentials object can be serialized and deserialized with pickle. Even easier way to store credentials object is described at [4].

[1] - https://code.google.com/p/gdata-python-client/source/browse/src/gdata/spreadsheet/service.py?r=f7a9cb244df430d960f6187ee0fbf85fe0218aac
[2] - https://gdata-python-client.googlecode.com/hg/pydocs/gdata.spreadsheets.client.html#SpreadsheetsClient
[3] - https://developers.google.com/api-client-library/python/guide/aaa_oauth#OAuth2WebServerFlow
[4] - https://developers.google.com/api-client-library/python/guide/google_app_engine#Credentials

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)