I believe that the difference between urlfetch and urllib2 is
superficial - App Engine makes all requests using urlfetch, regardless
of which lib you use in your code.

On Jul 15, 4:55 pm, epb <esbenbu...@gmail.com> wrote:
> On Jul 15, 4:05 pm, Tony <fatd...@gmail.com> wrote:
> > The response has the "Set-cookie" header set, which will cause the
> > user's browser to save the cookie and then present it on the next
> > request (after redirected by the 302).  In my code I've opted not to
> > follow the redirect, and extracted the cookie myself, because it's the
> > urlfetch service doing the request, not the user.  You can then either
> > return a response to the user with a "Set-cookie" HTTP header (causing
> > their browser to save the cookie), or handle it some other way (return
> > it in the body and set the cookie with Javascript, for example).
> > I think I misunderstood your original question, though, and you're
> > looking for something different.  You want to get an authorization
> > cookie and then use it to make repeated requests with urlfetch, not
> > with a browser?  If that's the case, you're going to want to capture
> > the "Set-cookie" header from the second response, and supply that in
> > future requests (setting the "Cookie" header for urlfetch).
> Yes, that is exactly what I want :) My client app. is not browser-
> based. I guess I'll just use your method then.. appengine_rpc must be
> intended for browser apps only, as it does nothing to capture the
> auth. cookie. I could of course extend the appengine_rpc module to
> capture the cookie, but the module uses urllib2.OpenerDirector.open()
> to open URLs and this is perhaps not the way to go in my case? I am
> not sure what the difference is between urlfetch() and open().... it
> seems like I can get the headers (and hereby the cookie) by using info
> () on the response from open().
> > Basically, urlfetch will follow redirects but it won't handle cookies
> > automatically - so what's happening is it's ignoring the "Set-cookie"
> > header and following the redirect, and being denied because it's not
> > supplying a cookie.
> > On Jul 15, 2:58 pm, epb <esbenbu...@gmail.com> wrote:
> > > I can see why Tony's version would work. His "algorithm" has two
> > > steps:
> > > 1. Get the authorization token using ClientLogin (which I also managed
> > > to do).
> > > 2. Use the uri "servername/_ah/login" to get the auth. cookie.
> > > The appengine_rpc module seems to do authentication in a similar way:
> > > A. Try to access the app. This results in a redirect to a location
> > > that starts withhttps://www.google.com/accounts/ServiceLogin
> > > B. Get a auth. token (like step 1 above)
> > > C. Use auth. token to get auth. cookie.
> > > D. Try to access the app. again (this is where it fails in my case...)
> > > Anyway, step C is performed using the function below:
> > > -------
> > > def _GetAuthCookie(self, auth_token):
> > >     """Fetches authentication cookies for an authentication token.
> > >     Args:
> > >       auth_token: The authentication token returned by ClientLogin.
> > >     Raises:
> > >       HTTPError: If there was an error fetching the authentication
> > > cookies.
> > >     """
> > >     continue_location = "http://localhost/";
> > >     args = {"continue": continue_location, "auth": auth_token}
> > >     login_path = os.environ.get("APPCFG_LOGIN_PATH", "/_ah")
> > >     req = self._CreateRequest("%s://%s%s/login?%s" %
> > >                               (self.scheme, self.host, login_path,
> > >                                urllib.urlencode(args)))
> > >     try:
> > >       response = self.opener.open(req)
> > >     except urllib2.HTTPError, e:
> > >       response = e
> > >     if (response.code != 302 or
> > >         response.info()["location"] != continue_location):
> > >       raise urllib2.HTTPError(req.get_full_url(), response.code,
> > > response.msg,
> > >                               response.headers, response.fp)
> > >     self.authenticated = True
> > > ------
> > > It seems to me, that we do nothing with the response in this
> > > function?? Shouldn't we save the cookie in the response like Tony's
> > > does above, and then use it when we try to log in again?
> > > On Jul 15, 1:06 pm, epb <esbenbu...@gmail.com> wrote:
> > > > Thanks for your answers.
> > > > As I understand Nick's response, I only need to use appengine_rpc.py
> > > > for the entire process. I tried the following:
> > > > -------
> > > > def passwdFunc():
> > > >     return ('my_email','my_passwd')
> > > > rpcServer = appengine_rpc.HttpRpcServer
> > > > ('myapp.appspot.com',passwdFunc,None,'myAppName')
> > > > blah = rpcServer.Send('/')
> > > > -------
> > > > This gave me a 302 error and the following log:
> > > > -------
> > > > Server: myapp.appspot.com
> > > > Sending HTTP request:
> > > > POST /? HTTP/1.1
> > > > Host: myapp.appspot.com
> > > > X-appcfg-api-version: 1
> > > > Content-type: application/octet-stream
> > > > Got http error, this is try #1
> > > > Got 302 redirect. 
> > > > Location:https://www.google.com/accounts/ServiceLogin?service=ah&continue=http...
> > > > nue%3Dhttp://myapp.appspot.com/
> > > > &ltmpl=gm&ahname=MyAppName&sig=46378246....321321312
> > > > Sending HTTP request:
> > > > POST /? HTTP/1.1
> > > > Host: myapp.appspot.com
> > > > X-appcfg-api-version: 1
> > > > Content-type: application/octet-stream
> > > > Got http error, this is try #2
> > > > -------
> > > > It seems to me that the Send() function should do all authentication-
> > > > work automatically and re-direct to the app page after logging in.
> > > > Right?
> > > > Anyway, I'll try out Tonys solution also..
> > > > On Jul 15, 11:18 am, Tony <fatd...@gmail.com> wrote:
> > > > > Since I happened to have this up, here's a bit of sample code to get
> > > > > an authentication cookie for an appspot app...
> > > > > from google.appengine.api import urlfetch
> > > > > from urllib import urlencode
> > > > > email = request.POST['username']
> > > > > passwd = request.POST['password']
> > > > > serv_root = "http://myapp.appspot.com";
> > > > > target = 'http://myapp.appspot.com/null'
> > > > > app_name = "myapp-1.0"
> > > > > auth_uri = 'https://www.google.com/accounts/ClientLogin'
> > > > > authreq_data = urlencode({ "Email":   email,
> > > > >                                   "Passwd":  passwd,
> > > > >                                   "service": "ah",
> > > > >                                   "source":  app_name,
> > > > >                                   "accountType": "HOSTED_OR_GOOGLE" })
> > > > > result = urlfetch.fetch(auth_uri, authreq_data, method=urlfetch.POST,
> > > > > follow_redirects=False)
> > > > > auth_dict = dict(x.split("=") for x in result.content.split("\n") if
> > > > > x)
> > > > > auth_token = auth_dict["Auth"]
> > > > > serv_args = {}
> > > > > serv_args['continue'] = target
> > > > > serv_args['auth']     = auth_token
> > > > > serv_uri = "%s/_ah/login?%s" % (serv_root, urlencode(serv_args))
> > > > > result2 = urlfetch.fetch(serv_uri, follow_redirects=False,
> > > > > method=urlfetch.GET)
> > > > > ### here's the cookie which will authenticate future requests
> > > > > cookie = result2.headers['set-cookie'].split(';')[0]
> > > > > # cookie[0] => "ACSID"
> > > > > # cookie[1] => "AAAAHFSDJHSDFHSDJFHSDJFHSJFSDfsdjfhsjdfhsjdfh..."
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com
To unsubscribe from this group, send email to 
For more options, visit this group at 

Reply via email to