Closed GoogleCodeExporter closed 9 years ago
Added for review in our milestone release.
Original comment by devraj
on 24 Feb 2010 at 9:52
Advantages of using OAuth:
- user does not have to trust you with username and password (and this is a
huge issue)
- user does not have to enter password for each command, the OAuth token can be
cached locally and reused
Original comment by mscurte...@google.com
on 24 Feb 2010 at 11:23
Agreed. Please note our comment above and status of the request. We have
accepted this as a valid feature
request and will be scheduling it for development for one of our upcoming
milestones.
Original comment by devraj
on 24 Feb 2010 at 11:26
I have been contemplating working on this for the next release. A lot of
gdatacopier users probably run headless boxes, any ideas as to how they would
complete the OAuth login process without a browser?
Original comment by devraj
on 17 Nov 2010 at 8:50
How the flow looks like if gdatacopier is on a desktop machine where there is a
browser:
1. User initiates authorization process by running gdatacopier with a special
command line parameter (for example: gdatacopier --auth)
2. gdatacopier constructs an OAuth request URL (it needs to grab a request
token first with a direct call)
3. gdatacopier starts a browser and points to this URL
4. user logs in to Google, if necessary
5. user approves access for gdatacopier
6. a result page is displayed with a verification code (the code shows as query
parameter, window title and also in text displayed to user)
7. gdatacopier grabs the verification code
8. gdatacopier exchanges the verification code for an access token
There is a bit of hand waving in step 7, and step 2 is somewhat related. I can
get into details if you want.
If gdatacopier runs on a headless box, then:
1. same
2. same
3. gdatacopier prints the request URL and asks user to copy to a machine where
it has a browser (if user is ssh-ed into the headless box then it can just
right click on link and open browser)
4. same
5. same
6. same
7. user copies verification code from result page and pastes into gdatacopier,
gdatacopier is either waiting for input at this point or user needs to start
gdatacopier with another command line option (for example: gdatacopier --auth
--code=xyz)
8. same
Makes sense?
As an alternative, instead of 1-3 you can provide a simple web app that does
the same. This web app can also do 6-8 and at the end show the access token to
the user. The user now can grab this access token and paste into gdatacopier
config file, it is the same as a service specific password.
Original comment by mscurte...@google.com
on 17 Nov 2010 at 6:40
Re-assigned to Mcanato
Original comment by devraj
on 2 Dec 2010 at 11:11
OAuth 2 legged authentication is under development
Original comment by mcanato
on 7 Dec 2010 at 8:17
Fixed in 3.0 release
Original comment by devraj
on 27 Feb 2012 at 9:43
Original issue reported on code.google.com by
mscurte...@google.com
on 24 Feb 2010 at 8:30