We have an application deployed in production environment running on Google AppEngine with python2.7 and NDB.
It uses the Federated Authentication via OpenID implemented according this article: https://cloud.google.com/appengine/articles/openid
The Users API from AppEngine is used for authentication (e.g. users.get_current_user(), users.create_login_url(federated_identity='https://www.google.com/accounts/o8/id') for Google login, etc.) - exactly as it is described in the main.py under Examples section in the article above.
Recently we are receiving a message during authentication:
OpenID 2.0 for Google accounts is going away.
Developers should migrate to OpenID Connect by April 20, 2015. Learn more.
I see that there is a documentation for "Migrating to OpenID Connect (OAuth 2.0 for login)" at https://developers.google.com/accounts/docs/OpenID#openid-connect
Probably every single person who uses Federated Authentication on AppEngine will face now the problem of migration... and will need to preserve the user data bound to the existing user identifiers which the Users API provides.
We must preserve the usage of Users API - as it is used all over the application.
Does Google plan to offer an alternative to the single line code users.create_login_url(federated_identity='https://www.google.com/accounts/o8/id') on AppEngine to make the port easier?
Is there an example source code of how to migrate the Federated authentication on AppEngine in Python to the new OpenID Connect?
Is there a compatibility layer for Users API with Federated authentication planned to be provided?
Related
I have developed a web application based on Django Framework, but i want my application to get authenticated by Azure Single Sign on, Please suggest the method or tutorials to achieve this
Google django azure authentication leads to here leads to here
Documentation here
I need to create a windows app where users can log in to the app using windows azure credentials and then the app calls the API after the user has successfully logged in. I am extremely new to python and so far all the solution I found was related to the python web app. I have seen similar functionality in google cloud SDK login but I have no idea how to implement it using Kivy-Python on my own. Is there any way to achieve this? If so please guide me on how to do it. Thank you :)
I can't give you full solution, but there is the latest python MSAL library ready for your example, as docs said:
The Microsoft Authentication Library for Python enables applications to integrate with the Microsoft identity platform. It allows you to sign in users or apps with Microsoft identities (Azure AD, Microsoft Accounts and Azure AD B2C accounts) and obtain tokens to call Microsoft APIs such as Microsoft Graph or your own APIs registered with the Microsoft identity platform. It is built using industry standard OAuth2 and OpenID Connect protocols
https://github.com/AzureAD/microsoft-authentication-library-for-python
It works for Windows: https://github.com/AzureAD/microsoft-authentication-library-for-python/wiki/Microsoft-Authentication-Client-Libraries
I need to build a Django web-app. My web-app needs to support authentication and authorization using OpenID Connect. It is my first time doing this. Is there a free Identity Provider to test my application or do I need to write the provider and the client? My task is to write only the client that connects to the provider. An example would be great or some course/tutorial I can use to learn how to do this.
Maybe there are no good examples in Django but I know ASN.NET and Java so those examples could inspire me as well.
There are a bunch of OpenID Connect providers you can use to test your client: you can sign up for a free Auth0 or Okta developer sandbox, download and run IdentityServer locally, or try the OAuth2 Playground.
As for writing the client. Please don't write your own. There are a list of libraries from the OpenId Foundation. I've used pyoidc for a non Django application, you could hook that in to your app, or use one of the Django specific OpenID Connect libraries.
checkout this example using both provider (django app using django-oidc-provider package) and client (using JS).
https://django-oidc-provider.readthedocs.io/en/latest/sections/examples.html
I'm struggling to get Windows Live Web Authentication running on Google App Engine (GAE) using Python, as I'm quite new to the language.
However there are lots of examples for Facebook and Twitter, I was wondering if anyone had come up with a solution for Windows Live yet?
From what I can tell, the SDK you're referring to is just used for authentication, not authorization. That is, it allows you to uniquely identify a user by their Windows Live ID, but not, say, programmatically import their Hotmail contacts.
If this is the case, it would be easier to use the built-in OpenID support that's already available on both sides. The Windows Live OpenID provider is OpenID.Live-INT.com; instructions for authenticating using OpenID on App Engine can be found # http://code.google.com/appengine/articles/openid.html.
I ended up using http://anyopenid.com which provides quite a good bridge to openid, and I was able to use this with Google App Engine.
I am using python language for google app engine based iphone application .I want to install/access ssl on python. I am unable to find a way to install/enable it in python file. please guide me how can I make my application to connect to ssl As I want to Apple enable push notification services on my application Its urgent.
See the App Engine Python documentation on setting up secure URLs. Note that this will only work when accessed via your appspot.com domain - it's not possible to have SSL on a custom domain through App Engine, currently.
Nick Johnson has already provided a link and mentioned that this functionality is not currently available on your domain (only on apps running on Google's hotspot domain).
Obviously, most developers need their apps to run on their own domains, so this is a very highly requested feature. Fortunately, Google has recently added this feature to their GAE roadmap indicating that it will be available soon. Unfortunately, we don't know what 'soon' means.