Google Cloud Endpoints with another oAuth2 provider

Question

Is there a way to use another OAuth2 provider with Google Cloud Endpoints? I mean for example, get authentication from Facebook and use it the same way we use Google Account Auth (using gapi js and putting User class on @ApiMethod)

Check this out: http://stackoverflow.com/questions/18716674/facebook-login-in-google-cloud-endpoints/22495862#22495862 — Nathan Do, Apr 03 '14 at 16:04

tomrozb · Answer 1 · 2014-12-13T09:29:55.293

7

You have to implement your own Authenticator and update @Api configuration. Based on this answer a simple authenticator will look like this:

public class MyAuthenticator implements Authenticator {

    @Override
    public User authenticate(HttpServletRequest request) {
        String token = request.getHeader("Authorization");
        if (token != null) {
            // apply your Facebook/Twitter/OAuth2 authentication
            String user = authenticate(token);
            if (user != null) {
                return new User(user);
            }
        }
        return null;
    }
}

And your API definition

@Api(name = "example", authenticators = {MyAuthenticator.class})

More about custom authenticators you can find in Google documentation.

edited Dec 13 '14 at 09:29

answered Dec 13 '14 at 09:22

tomrozb

25,773
31
101
122

Is there a python equivalent? – Janusz Skonieczny Apr 30 '15 at 09:23
@JanuszSkonieczny I've no idea whether or not it's available for python, you should probably ask a new question on SO – tomrozb May 02 '15 at 11:04
anyone know how to put the data inside the header from android client? – myfknoll Jun 11 '15 at 20:09

score 5 · Accepted Answer · answered Apr 08 '13 at 14:52

5

No. I came across someone else asking this question and the answer from the google folks (if I remember correctly) was that the endpoints user authentication currently only supports Google accounts.

answered Apr 08 '13 at 14:52

Tom

17,103
8
67
75

Is there a way to implement an alternative? Like storing User in the session? (I just discovered that session also does not work in Google Cloud Endpoint) – Douglas Correa Apr 08 '13 at 15:41
1

Sure, you can implement any alternative you want, and you can pass your systems' tokens via endpoints, but you will have to implement the authentication yourself. – Tom Apr 08 '13 at 15:51
1

the problem here is how to control the user session, because Google Endpoint not provide session, right? – Douglas Correa Apr 08 '13 at 16:32
Yes, that is my understanding. – Tom Apr 08 '13 at 16:40
You can use endpoints with Sessions enabled. You just need to enable them in your appengine-web.xml using true – Manu Feb 19 '15 at 08:27
1

@InsaurraldeAP it's not true. You can either implement your own auth schema or implement OAuth with some other provider. – jirungaray Mar 27 '15 at 15:48

score 2 · Answer 3 · answered Apr 20 '14 at 03:12

2

I wrote an example exchanging a Facebook access token for one generated by my application, and validating it from within an endpoints method:

https://github.com/loudnate/appengine-endpoints-auth-example

answered Apr 20 '14 at 03:12

nate

171
3

score 2 · Answer 4 · answered Jun 11 '15 at 17:40

Google Cloud Endpoints allow you to recover User, HttpServletRequest and HttpServletContext into you API methods by injecting it as parameters.

It is not OAuth2 but here is a begining of a solution: https://www.yanchware.com/custom-authentication-for-google-cloud-endpoints/

The proposed solution is to inject HttpServletRequest in specific api methods to access the session.

Google Cloud Endpoints with another oAuth2 provider

4 Answers4

Linked