Hi Tom, I find that the best way to understand AuthSub is to go through the authorization flow a few times. A good place to see this in action is http://gdata-feedfetcher.appspot.com/ , sign in, click on a link under "Feeds which require authorization" and observe the auth flow.
To start over with a clean slate, click the link "To erase your stored tokens, click here" Now for the details. When you first visit the page which requires an auth token, there is no auth token present, so the code generates a link to authorize this app to access the desired resources. After you click the "Grant Access" button on https://www.google.com/accounts/AuthSubRequest... you are taken back to the app, but the URL now has some addition information: ...&token=CKasdk... Since the app sees the token in the request URL, it does not need to generate the authorization link. Documentation on AuthSub can be found here: http://jscudder:6346/apis/accounts/docs/AuthSub.html#AuthProcess Re. your assumptions on request routing: When a request comes in for the app, the configuration in app.yaml is checked first. http://code.google.com/p/google-app-engine-samples/source/browse/trunk/gdata_feedfetcher/app.yaml The first matching regular expression dictates which script is run or which file is served. In this case, visiting anything beginning with /... will cause feedfetcher.py to run. http://code.google.com/p/google-app-engine-samples/source/browse/trunk/gdata_feedfetcher/feedfetcher.py In feedfetcher.py, the statment webapp.WSGIApplication([('/', Fetcher),...]) sets request routing rules within this script and directs the request to the desired RequestHandler class (in this case Fetcher). Since the browser is performing an HTTP GET, the get method in Fetcher is invoked, and the get method examines the currently requested URL for additional information. I hope this helps, I feel like this may be a lot :) Happy coding, Jeff On Dec 9, 10:40 pm, Tom <[EMAIL PROTECTED]> wrote: > Hi Jeff, > > you are right ..... thanks. > > i have anothe question for you .... > i couldnt figure out how the below line of code works .... > > auth_token = gdata.auth.extract_auth_sub_token_from_url > (self.request.uri) > > i suppose only GenerateAuthSubURL() function can generate the url > with tokens .... but i have seen the > above line of code before calling GenerateAuthSubURL() in the > example:http://code.google.com/appengine/articles/gdata.html > > how come we receive the auth_token from the requirest uri? (its just > the application uri without any token right?) > > please share links to essential tutorials if you think i am missing > some vital information, i am new to html > (and for that matter, to python also :-) ) > > here is my assumption: > based on the app.yaml file client request will be routed to the script > and > it will call the get function of the class assigned for handling that > particular uri parameter .......... > correct me if i am wrong. > > Thank you, > Tom. > > On Dec 8, 8:28 pm, Jeff S <[EMAIL PROTECTED]> wrote: --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
