Google App Engine 和组配置

Question

我真的需要一些帮助，我已经在这工作了将近 2 周了。

我正在尝试使用 oAuth2 在 GAE（Google App Engine）内部使用 Google 的配置 API。我知道有一些使用 oAuth1 的示例来完成此操作。我的理解是 oAuth1 现在已被弃用，我们必须使用 oAuth2，如果我错了，请纠正我。

我搜索了互联网，唯一能找到的例子是：

http://gdata-samples.googlecode.com/svn-history/r232/trunk/gdata/youtube-oauth2-app-engine/main.py

我发现的其他示例使用 oAuth 1，或者它们不是为与 App Engine 一起使用而设计的。

我已从上面的示例中获取代码并尝试对其进行修改以与组配置 API 一起使用，这是我的代码：

import os

from gdata.alt import appengine
from gdata.service import RequestError
from google.appengine.api import users
from google.appengine.ext import webapp
from google.appengine.ext.webapp import template
from google.appengine.ext.webapp import util
from oauth2client.appengine import OAuth2Decorator
import gdata.auth
import gdata.apps.groups.client
import gdata.client
import httplib2


API_VERSION = '2.0'
BASE_URL = '/a/feeds/group/%s' % API_VERSION
# HACK to use the Python GData client library with OAuth 2 tokens.
# We use the methods that deal with AuthSub tokens.
gdata.auth.AUTHSUB_AUTH_LABEL = "OAuth "

class MainHandler(webapp.RequestHandler):
  # The client_id and client_secret are copied from the API Access tab on
  # the Google APIs Console <http://code.google.com/apis/console>
  oauth2_decorator = OAuth2Decorator(
    client_id="myClientID.apps.googleusercontent.com",
    client_secret="myClientSecret",
    scope="https://apps-apis.google.com/a/feeds/groups/")

  # This decorator ensures that whenever this page is served, we have a valid
  # OAuth 2 token for the user.
  @oauth2_decorator.oauth_required
  def handle_exception(self, exception, debug_mode):
    """Handle OAuth 2 token expirations by forcing a refresh.

    For newer Google APIs, refreshes are handled automatically by the client
        library, but for GData APIs, we need to explicitly force this behavior.
    """
    if (isinstance(exception, RequestError) and
        exception.args[0]["status"] == 401):
      body = exception.args[0]["body"]
      if "Token invalid - Invalid AuthSub token." in body:
        self.oauth2_decorator.credentials._refresh(httplib2.Http().request)
        self.redirect(self.request.url)
        return

    webapp.RequestHandler.handle_exception(self, exception, debug_mode)

  # This decorator ensures that whenever this page is served, we have a valid
  # OAuth 2 token for the user.
  @oauth2_decorator.oauth_required
  def get(self):
      self.domain='testdomain123456.mygbiz.com'
      self.baseuri = '%s/%s' % (BASE_URL, 'testdomain123456.mygbiz.com')
      self.token = self.oauth2_decorator.credentials.access_token
      self.client = gdata.apps.groups.client.GroupsProvisioningClient(
        domain=self.domain, auth_token=self.token)

      self.client.SetAuthSubToken(self.token)

      params = dict(
      logout_url=users.create_logout_url(self.request.uri),
      memberFeed = self.client.RetrieveAllMembers('test')
    )
      path = os.path.join(os.path.dirname(__file__), 'templates', 'index.html')
      self.response.out.write(template.render(path, params))


def main():
  application = webapp.WSGIApplication([('/', MainHandler)], debug=True)
  util.run_wsgi_app(application)


if __name__ == '__main__':
  main()

我将它部署到http://appplat4.appspot.com，如您所见，它返回 500 服务器错误。我在与app.yaml 相同的目录中拥有所有必要的库，并且我为域设置了我的google api。

截图：

我一直在尽我所能从 GAE 中配置组，但没有成功。如果可以，请提供帮助，任何量的输入表示赞赏。

Answer 1

这不涉及应用程序引擎，但它是使用带有 oauth 2 的 gdata 客户端的命令行示例：

import sys
import os
import webbrowser
import gdata.gauth
import oauth2client.client
import oauth2client.file
import oauth2client.tools
import gdata.gauth
import gdata.client
import gdata.apps.groups.client

APICONSOLE = 'https://code.google.com/apis/console'
SCOPES = 'https://apps-apis.google.com/a/feeds/groups/'
OAUTH2FILENAME = 'credentials.oauth2'
OAUTH2JSONFILE = 'client_secrets.json'
OAUTH2USERAGENT = 'GROUPS'
MISSING_OAUTHJSONFILE_MESSAGE = """
You must create or download a client secrets json file (%s)
from the Google APIs console <https://code.google.com/apis/console>.
Attemping to open page with your browser ...
""" % os.path.join(os.path.dirname(__file__), OAUTH2JSONFILE)

# populate with approprate values
DOMAIN = 'your-domain'
GROUP_ID = 'agroup@your.domain'

if not os.path.isfile(OAUTH2JSONFILE):
  message = MISSING_OAUTHJSONFILE_MESSAGE
  print message
  try:
    webbrowser.open(str(APICONSOLE))
  except Exception, e:
    print "Error opening web page"
    sys.exit(1)
  message = 'When %s is created/downloaded press Enter to continue ... ' %(OAUTH2JSONFILE)
  raw_input(message)
oauth2_flow = oauth2client.client.flow_from_clientsecrets(OAUTH2JSONFILE,
  scope=SCOPES,message=MISSING_OAUTHJSONFILE_MESSAGE)
storage = oauth2client.file.Storage(OAUTH2FILENAME)
oauth2_credentials = storage.get()
if oauth2_credentials is None or oauth2_credentials.invalid:
  oauth2_credentials = oauth2client.tools.run(oauth2_flow, storage)
oauth2_token = gdata.gauth.OAuth2Token(
  client_id=oauth2_credentials.client_id,
  client_secret=oauth2_credentials.client_secret,
  scope=SCOPES,
  user_agent=OAUTH2USERAGENT,
  access_token=oauth2_credentials.access_token,
  refresh_token=oauth2_credentials.refresh_token)
# authorize client
groups_client = oauth2_token.authorize(
  gdata.apps.groups.client.GroupsProvisioningClient(domain=DOMAIN))
print 'Authorized domain %s . . .\n' %(DOMAIN)
group_entry = groups_client.RetrieveGroup(group_id=GROUP_ID)
print group_entry.group_id
print group_entry.group_name
print group_entry.description
print group_entry.email_permission

sys.exit(0)