Integrating Google AppEngine with a Thick Client

987 views Asked by At

I want to make a multi-user client-server solution with Java Swing thick client as a front-end and Google AppEngine (Java one) as a back-end.

The problem is that GAE provides only web-based forms for logging in and out, so there's no trivial way to employ Google Accounts features in a thick client.

Can you give some advices/hints/ideas on how to allow a thick client login to and logout from a GAE webapp?

3

There are 3 answers

0
Jason DeFontes On BEST ANSWER

There is a way for client apps to authenticate against Google Accounts, but I don't know if the token you receive can be passed back to AppEngine. See: ClientLogin for Installed Applications

0
JasonSmith On

I am sorry, I can only answer you indirectly. It is possible to log in to an app on appspot.com with a Google account. You just have to do everything a browser would, including keeping some cookies and contacting several servers as they bounce you around.

I played around with this for a stillborn project a couple of months ago and ended up with a shell script that mostly runs cURL to log in. Perhaps you could take from it what you need.

#!/bin/bash

my_app="set-this-to-my-app-id"
url="http://$my_app.appspot.com"
curl='curl --cookie-jar cookies'

if [ -z "$EMAIL" -o -z "$PASS" ]; then
    echo -n 'Email: '
    read EMAIL
    echo -n 'Pass: '
    read PASS
fi

rm -f cookies auth

echo 'Login'
$curl https://www.google.com/accounts/ClientLogin --output auth \
      -d "Email=$EMAIL" -d "Passwd=$PASS" \
      -d accountType=HOSTED_OR_GOOGLE     \
      -d source=$my_app                   \
      -d service=ah

. auth # XXX Be careful here. The output of the above
       # command happens to be Bash syntax too!
rm -f auth

echo 'Logging into app and getting cookie'
$curl "$url/_ah/login?continue=$url/console/&auth=$Auth"

echo
echo 'Example POST query'
$curl -X POST --cookie cookies "$url/some/path" -d 'foo=bar'

echo
rm -f cookies
0
Rahel Lüthy On

as suggested by @Jason DeFontes the ClientLogin authorization process is addressing this issue.

as a minimal-effort alternative approach, you could embed the web-based (html) forms into your thick client, i.e. use a java component that supports html-rendering (like a JEditorPane with an HTMLEditorKit installed) and present this component inside your swing app -- at least users would not need to switch back-and-forth between your app and the browser this way.