Yeah, you'd have to handle your own users. Use a unique identifier for the User as the key. What security issues were you worried about?
-- Ikai Lan Developer Programs Engineer, Google App Engine Blogger: http://googleappengine.blogspot.com Reddit: http://www.reddit.com/r/appengine Twitter: http://twitter.com/app_engine On Mon, Jan 24, 2011 at 2:47 PM, Bob <[email protected]> wrote: > Thanks for the feedback Ikai! > > So it sounds like if I want to use linkedin as my only "login" option > using their oauth service, then I'll need to roll my own management of > users, rather than relying on the users service. It seems like > users.get_current_user() would not work for me if I'm neither using > the native google logins nor openid. > > Any suggestions or examples of how to handle persistence of these > custom users with some level of security? I see the gaema library > looks like it was developed to help handle different login options > like this, but no example for how to handle persistence in webapp. > > On Jan 24, 3:15 pm, "Ikai Lan (Google)" > <[email protected]<ikai.l%[email protected]> > > > wrote: > > That is roughly correct. LinkedIn is not an openID provider. > > > > Your flow looks like this: > > > > (Before anything happens, get a consumer key and secret from LinkedIn) > > > > 1. User goes to your app. Is there a token? Yes? No? If there's a token > and > > it's valid, just use that to make OAuth calls. > > 2. Is the token invalid or doesn't exist? Send user to LinkedIn's > > authorization page. User authorizes your app to make calls to LinkedIn on > > their behalf, they are redirected to your callback URL with token > > information. > > 3. Save the token and make API calls. > > > > -- > > Ikai Lan > > Developer Programs Engineer, Google App Engine > > Blogger:http://googleappengine.blogspot.com > > Reddit:http://www.reddit.com/r/appengine > > Twitter:http://twitter.com/app_engine > > > > > > > > > > > > > > > > On Fri, Jan 21, 2011 at 1:59 PM, Bob <[email protected]> wrote: > > > Some of these questions may be basic. Be gentle. I've been reading all > > > the articles and going through examples for oauth and openid, and I > > > could use a sounding board to make sure I'm understanding it all. > > > > > I'm building a python web app (let's call it myapp) that I would like > > > to use to interact with the linkedin api. > > > > > First, as I understand, the OAuth service (http://code.google.com/ > > > appengine/docs/python/oauth/overview.html) is not appropriate here... > > > that service is about allowing myapp to serve as an oauth provider. > > > But in this case I want to be an oauth consumer, so that service > > > doesn't sound like it will help me. > > > > > So I could use some python library that allows me to do oauth with > > > linkedin, like this one:http://code.google.com/p/python-linkedin/ > > > > > Now as I understand, oauth wouldn't make much sense unless the user > > > has already logged in somehow. I just get credentials returned... but > > > nothing gets stored as a cookie so I know that "this" user goes with > > > "these" credentials. So I should probably already have the user login > > > somehow (like with openid) and then store those credentials on the > > > user record (or on a model that extends the user, like UserProfile or > > > something). > > > > > So if I wanted to use LinkedIn for openid, it's a two-step process. > > > First, I show the user the linkedin login button, take them through > > > the openid process for linkedin, and then I need to separately ask > > > them to go through the oauth process to authorize myapp to work with > > > their account on linkedin. > > > > > Is that right? There's no way to do this with just one step? > > > > > And DOES linkedin act as an openid provider? If so, what is their > > > provider URL? I've looked but cannot find it. > > > > > Please let me know if I'm off-base with any of my assumptions. > > > > > Thanks! > > > Bob > > > > > -- > > > You received this message because you are subscribed to the Google > Groups > > > "Google App Engine" group. > > > To post to this group, send email to [email protected] > . > > > To unsubscribe from this group, send email to > > > [email protected]<google-appengine%[email protected]><google-appengine%2Bunsubscrib > [email protected]> > > > . > > > For more options, visit this group at > > >http://groups.google.com/group/google-appengine?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<google-appengine%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/google-appengine?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
