geeky.blogger

yet another blog about computer, technology, programming, and internet

Monday, May 02, 2011

Using ClientLogin to do Authentication for App Engine Application

Monday, May 02, 2011 Posted by Ismail Habib , 35 comments
General information about ClientLogin: http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html

Discussion on Google Groups (including the original solution posted by geoffd123):
http://groups.google.com/group/google-appengine-java/browse_thread/thread/c96d4fff73117e1d

My solution uses Apache Http library instead of HttpUnit.
public static String loginToGoogle(String userid, String password,
   String appUrl) throws Exception {
  HttpClient client = new DefaultHttpClient();
  HttpPost post = new HttpPost(
    "https://www.google.com/accounts/ClientLogin");
  
  MultipartEntity reqEntity = new MultipartEntity();
  reqEntity.addPart("accountType", new StringBody("HOSTED_OR_GOOGLE",
    "text/plain", Charset.forName("UTF-8")));
  reqEntity.addPart("Email", new StringBody(userid));
  reqEntity.addPart("Passwd", new StringBody(password));
  reqEntity.addPart("service", new StringBody("ah"));
  reqEntity.addPart("source", new StringBody(
    "YourCompany-YourApp-YourVersion"));
  post.setEntity(reqEntity);
  HttpResponse response = client.execute(post);
  if (response.getStatusLine().getStatusCode() == 200) {
   InputStream input = response.getEntity().getContent();
   String result = IOUtils.toString(input);
   String authToken = getAuthToken(result);
   post = new HttpPost(appUrl + "/_ah/login?auth=" + authToken);
   response = client.execute(post);
   Header[] cookies = response.getHeaders("SET-COOKIE");
   for (Header cookie : cookies) {
    if (cookie.getValue().startsWith("ACSID=")) {
     return cookie.getValue();
    }
   }
   throw new Exception("ACSID cookie cannot be found");
  } else
   throw new Exception("Error obtaining ACSID");
 }
A simple example on how to use it:

String authCookie = logonHelper.loginToGoogle("email@gmail.com",
   "password","http://yourapp.appspot.com");  
DefaultHttpClient client = new DefaultHttpClient();
HttpGet get = new HttpGet("http://yourapp.appspot.com/service");
get.setHeader("Cookie", authCookie);
HttpResponse response = client.execute(get);
response.getEntity().writeTo(System.out);