Thanks for the feedback Ikai! So it sounds like if I want to use linkedin as my only "login" option using their oauth service, then I'll need to roll my own management of users, rather than relying on the users service. It seems like users.get_current_user() would not work for me if I'm neither using the native google logins nor openid.
Any suggestions or examples of how to handle persistence of these custom users with some level of security? I see the gaema library looks like it was developed to help handle different login options like this, but no example for how to handle persistence in webapp. On Jan 24, 3:15 pm, "Ikai Lan (Google)" <[email protected]> wrote: > That is roughly correct. LinkedIn is not an openID provider. > > Your flow looks like this: > > (Before anything happens, get a consumer key and secret from LinkedIn) > > 1. User goes to your app. Is there a token? Yes? No? If there's a token and > it's valid, just use that to make OAuth calls. > 2. Is the token invalid or doesn't exist? Send user to LinkedIn's > authorization page. User authorizes your app to make calls to LinkedIn on > their behalf, they are redirected to your callback URL with token > information. > 3. Save the token and make API calls. > > -- > Ikai Lan > Developer Programs Engineer, Google App Engine > Blogger:http://googleappengine.blogspot.com > Reddit:http://www.reddit.com/r/appengine > Twitter:http://twitter.com/app_engine > > > > > > > > On Fri, Jan 21, 2011 at 1:59 PM, Bob <[email protected]> wrote: > > Some of these questions may be basic. Be gentle. I've been reading all > > the articles and going through examples for oauth and openid, and I > > could use a sounding board to make sure I'm understanding it all. > > > I'm building a python web app (let's call it myapp) that I would like > > to use to interact with the linkedin api. > > > First, as I understand, the OAuth service (http://code.google.com/ > > appengine/docs/python/oauth/overview.html) is not appropriate here... > > that service is about allowing myapp to serve as an oauth provider. > > But in this case I want to be an oauth consumer, so that service > > doesn't sound like it will help me. > > > So I could use some python library that allows me to do oauth with > > linkedin, like this one:http://code.google.com/p/python-linkedin/ > > > Now as I understand, oauth wouldn't make much sense unless the user > > has already logged in somehow. I just get credentials returned... but > > nothing gets stored as a cookie so I know that "this" user goes with > > "these" credentials. So I should probably already have the user login > > somehow (like with openid) and then store those credentials on the > > user record (or on a model that extends the user, like UserProfile or > > something). > > > So if I wanted to use LinkedIn for openid, it's a two-step process. > > First, I show the user the linkedin login button, take them through > > the openid process for linkedin, and then I need to separately ask > > them to go through the oauth process to authorize myapp to work with > > their account on linkedin. > > > Is that right? There's no way to do this with just one step? > > > And DOES linkedin act as an openid provider? If so, what is their > > provider URL? I've looked but cannot find it. > > > Please let me know if I'm off-base with any of my assumptions. > > > Thanks! > > Bob > > > -- > > You received this message because you are subscribed to the Google Groups > > "Google App Engine" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]<google-appengine%2Bunsubscrib > > [email protected]> > > . > > For more options, visit this group at > >http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
