Skip to main content

Using GAE OData from C#: Authentication

The last post about ODATA in the Google App Engine (python) allowed anyone to create, update or delete the models. Google App Engine (GAE) can authenticate Google users or users of you Google Apps domain. Using this feature, we can authenticate users of our C# application and use the authentication token when submitting calls to our OData service. The following class is based on the work found in here.
 class GAEAuthentication
    {
       
        public string Authenticate(string gaeAppBaseUrl, string googleUserName, String googlePassword, string yourClientApp, string is_admin, bool is_dev_env)
        {
            string googleCookie;
            String gaeAppLoginUrl = gaeAppBaseUrl + "_ah/login";
            String yourGaeAuthUrl = gaeAppBaseUrl + "odata.svc/";
            
            String googleLoginUrl;
            if (is_dev_env)
            {
                googleLoginUrl = gaeAppLoginUrl;
            }
            else
            {
                googleLoginUrl = "https://www.google.com/accounts/ClientLogin";
            }

            // prepare the auth request
            HttpWebRequest authRequest = (HttpWebRequest)HttpWebRequest.Create(googleLoginUrl);
            if (is_dev_env)
            { 
                // prepare the data we will post to the login page
                String queryData = "email=" + HttpUtility.UrlEncode(googleUserName) + "&" +
                  
                                  "admin=" + HttpUtility.UrlEncode(is_admin) + "&" +
                                  "action=login"  + "&" +
                                  "continue=" + HttpUtility.UrlEncode(yourGaeAuthUrl);

                authRequest = (HttpWebRequest)HttpWebRequest.Create(googleLoginUrl + "?" + queryData);

                authRequest.Method = "GET";
                authRequest.AllowAutoRedirect = false;
                
                // get the response
                HttpWebResponse authResponse = (HttpWebResponse)authRequest.GetResponse();

                googleCookie = authResponse.Headers["Set-Cookie"].Split(';')[0];
                //authRequest.AllowAutoRedirect = false;
            }
            else
            {
                authRequest.Method = "POST";
                authRequest.ContentType = "application/x-www-form-urlencoded";
                authRequest.AllowAutoRedirect = false;

                // prepare the data we will post to the login page
                String postData = "Email=" + HttpUtility.UrlEncode(googleUserName) + "&" +
                                  "Passwd=" + HttpUtility.UrlEncode(googlePassword) + "&" +
                                  "service=" + HttpUtility.UrlEncode("ah") + "&" +
                                  "admin=" + HttpUtility.UrlEncode(is_admin) + "&" +

                                  "source=" + HttpUtility.UrlEncode(yourClientApp) + "&" +
                                  "accountType=" + HttpUtility.UrlEncode("HOSTED_OR_GOOGLE");
                byte[] buffer = Encoding.ASCII.GetBytes(postData);
                authRequest.ContentLength = buffer.Length;

                // submit the request
                Stream postDataStr = authRequest.GetRequestStream();
                postDataStr.Write(buffer, 0, buffer.Length);
                postDataStr.Flush();
                postDataStr.Close();

                // get the response
                HttpWebResponse authResponse = (HttpWebResponse)authRequest.GetResponse();
                Stream responseStream = authResponse.GetResponseStream();
                StreamReader responseReader = new StreamReader(responseStream);

                // look through the response for an auth line
                String authToken = null;
                String nextLine = responseReader.ReadLine();
                while (nextLine != null)
                {
                    if (nextLine.StartsWith("Auth="))
                    {
                        // remove the 'Auth=' from the start
                        //  of the string
                        // because when we give it back to
                        //  google it needs to be 'auth='
                        //  (lower-case 'a') and it is
                        //  case-sensitive
                        authToken = nextLine.Substring(5);
                    }
                    nextLine = responseReader.ReadLine();
                }

                // cleanup
                responseReader.Close();
                authResponse.Close();

                // prepare the redirect request
                String cookieReqUrl = gaeAppLoginUrl + "?" +
                                      "continue=" + HttpUtility.UrlEncode(yourGaeAuthUrl) + "&" +
                                      "auth=" + HttpUtility.UrlEncode(authToken);

                // prepare our HttpWebRequest
                HttpWebRequest cookieRequest = (HttpWebRequest)WebRequest.Create(cookieReqUrl);
                cookieRequest.Method = "GET";
                cookieRequest.ContentType = "application/x-www-form-urlencoded";
                cookieRequest.AllowAutoRedirect = false;

                // retrieve HttpWebResponse with the google cookie
                HttpWebResponse cookieResponse = (HttpWebResponse)cookieRequest.GetResponse();
                googleCookie = cookieResponse.Headers["Set-Cookie"];
            }
           

            return googleCookie;
        }
    }

The class above authenticates the user and then returns token cookie. To allow the built-in authentication in GAE to work with our client program, we need to store the cookie containing that token and use it in each call to the OData service. We accomplish that by using the SendingRequest event to set the Cookie. The following code uses the GAEAuthentication to authenticate as an admin in a developer instance:
class Program
    {
        private static string _cookie;
        static void Main(string[] args)
        {
            GAEAuthentication authenticator = new GAEAuthentication();
            _cookie = authenticator.Authenticate("http://localhost:8080/", "test@example.com", "", "odata", "True", true);

            GAEODATAService.model.default_container proxy = new GAEODATAService.model.default_container(new Uri("http://localhost:8080/odata.svc"));
            proxy.SendingRequest += new EventHandler(proxy_SendingRequest);
         
            proxy.AddToCashTransaction(new CashTransaction() { key = "0", amount_cents = 12098, date = DateTime.Now, description = "Online Bill" }); //must be one of set(['bird', 'dog', 'cat'])
            proxy.SaveChanges();

            var all_pets = proxy.Pet;
            foreach (var pet in all_pets)
            {
                Console.Out.WriteLine("Pet {0}, weight: {1}, type: {2}", pet.name, pet.weight_in_pounds, pet.type);
            }
            Console.ReadLine();
        }

        /// 
        /// Intercept proxy's SendingRequest so that we can add the Google authentication cookie to the request.
        /// 
        /// 


        /// 


        private static void proxy_SendingRequest(object sender, SendingRequestEventArgs evt)
        {
            evt.RequestHeaders["Cookie"] = _cookie;
        }
    }
You will need to configure your GAE app as well to require authentication (See this). One simple example is to allow only admins to add, update or delete by changing your app.yaml to read:
- url: /odata.svc(/.*)
  script: odata-gae.py
  login: admin

Comments

Popular posts from this blog

Mail labels and letter templates for jasperreports

The following are free (MIT license) mailing labels and letter templates for jasperreports that you can download and use in jasperserver and/or ireport: Update 3/15/2011 : I moved the Mail templates zip file here . Please consider making a small donation if the templates are of help to you, Thank you! If you need more information on how to use those templates please leave a comment in the blog.

How to create online multiplayer HTML5 games in Contruct2

  Construct2 can use websockets to send and receive messages between games. By using socket-io , we can use a Node.js script as the server and my modification to the socket-io plugin for Construct2 to allow the games to synchronize data between them in real-time. There are two parts to this design: the Node.js server and the Construct2 clients (the games playing). The main part of building an online multiplayer HTML5 game is to plan: how the clients will communicate how often and what to communicate how much of the logic will go into the server and how much to the client. In my sample game, I chose to have each client own a player and have the server just relay messages: Use string messages in the form TypeOfMessage, Parameter1, Paremeter2, Parater3, etc to communicate. Have the clients send their player position about 16 times a second. Whenever their player shoots, the client needs to send a message immediately. Almost all of the game logic will...

Send Email from C# using Outlook's COM late binding

The following sample code shows how to send emails from Outlook and Exchange using C#. This code works with any version of Outlook because it uses Late Binding to automate Outlook. Parts of the code where taken from other websites. using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Reflection; using System.Threading; namespace LateBindingTest { class OutlookEmailerLateBinding { private object oApp; private object oNameSpace; private object oOutboxFolder; public OutlookEmailerLateBinding() { Type outlook_app_type; object[] parameter = new object[1]; //Get the excel object outlook_app_type = Type.GetTypeFromProgID("Outlook.Application"); //Create instance of excel oApp = Activator.CreateInstance(outlook_app_type); //Set the parameter which u want to set parameter[0] = "MAPI...