[google-appengine] Re: Interact with external server for static "private" files

[Holger]

It may seem, but it's not trivial at all.
> This seems like a pretty trivial thing to do

The difficulty depends on how 'safe' the solution should be.

I think the logical sequence could be:

1. User asks your appspot for video

2. User is redireced to your video source with an URL get attachment
(the URL part behind the question mark) informing your video source:

2a. Information on the video which shall be presented to the user

2b. Information on user authorization

-
An easy form of authorization proof would be a MD5 hash of a secret
string plus date and hour. Your user could extract the url, but this
url would work within the current hour only.


A safer sequence would be a multi redirection.

aa. The user is redireted to your video source with url '/requestA?
video= key1=
bb. Your video source creates a redirection to your appengine with url
'/crypt?key1= key2=
cc. Your appengine encrypts key2 with a secret string and redirects
the user to your video source with the url '/requestB?key2=
key3=

Where key1 and key2 are une time use random numbers and key3 is equal
key2 encrypted with a secret string.

--
Possibly this authorization sequence could need more code than user
interaction itself.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en
-~--~~~~--~~--~--~---

[google-appengine] Re: Interact with external server for static "private" files

[Albert Attard]

Hi:
You can write a proxy and this shouldn't be a problem since the data is
binary and you don't need to modify the contents.

Also, large contents may be fragmented, that is, one video saved on more
than one file (Example: file1.rar, file2.rar, ..., fileN.rar). Your
application/proxy may be required to handle this and return one file to the
user. In that case you can save the links in the data-store and map them
with an ID and a sequence number. Then using the proxy, your application
will retrieve the data and proxy-it to the user.

Hope this helps,
Albert Attard

Marie von 
Ebner-Eschenbach
- "Even a stopped clock is right twice a day."

2009/8/3 Holger 

>
> It may seem, but it's not trivial at all.
> > This seems like a pretty trivial thing to do
>
> The difficulty depends on how 'safe' the solution should be.
>
> I think the logical sequence could be:
>
> 1. User asks your appspot for video
>
> 2. User is redireced to your video source with an URL get attachment
> (the URL part behind the question mark) informing your video source:
>
> 2a. Information on the video which shall be presented to the user
>
> 2b. Information on user authorization
>
> -
> An easy form of authorization proof would be a MD5 hash of a secret
> string plus date and hour. Your user could extract the url, but this
> url would work within the current hour only.
>
> 
> A safer sequence would be a multi redirection.
>
> aa. The user is redireted to your video source with url '/requestA?
> video= key1=
> bb. Your video source creates a redirection to your appengine with url
> '/crypt?key1= key2=
> cc. Your appengine encrypts key2 with a secret string and redirects
> the user to your video source with the url '/requestB?key2=
> key3=
>
> Where key1 and key2 are une time use random numbers and key3 is equal
> key2 encrypted with a secret string.
>
> --
> Possibly this authorization sequence could need more code than user
> interaction itself.
>
> >
>

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en
-~--~~~~--~~--~--~---

[google-appengine] Re: Interact with external server for static "private" files

[Tim Hoffman]

Hi

I suggest you look at S3, that included facilities for securing files.

T

On Aug 3, 11:04 am, jivany  wrote:
> I've been unsuccessfully searching through the group for some pointers
> on how to implement this.
>
> Here's my scenario - I want to be able to push large images and videos
> online, files that would be larger than the current App Engine
> limits.  I want to control access to these files as if they were blobs
> in an App Engine datastore (simple stuff like controlling who can view
> them) but I want to store them on a third party server (that I have
> control over). Obviously, a direct URL to the image isn't good as
> anyone could find that. I'd need a simple backend script running on
> the third-party server.
>
> I don't really care about how the files are actually going to get
> where they need to go, I can manage that.  What I'm having trouble
> with is how to setup that third-party server with a simple script that
> would serve up the content when requested by the App Engine front end.
> That script would have to check that the request is coming from the
> front-end and for a valid (authorized) user.
>
> This seems like a pretty trivial thing to do but I can't figure out
> what I need to pull it off. Any help is appreciated!
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en
-~--~~~~--~~--~--~---

[google-appengine] Re: Interact with external server for static "private" files

[Jeff Ivany]

On Aug 3, 12:08 am, Holger  wrote:
> The difficulty depends on how 'safe' the solution should be.

Fort Knox of course. ;)  No, this is just something to share pics and
vids with the family so it doesn't have to be guaranteed secure. Just
secure enough to keep casual browsers from viewing it all.

> An easy form of authorization proof would be a MD5 hash of a secret
> string plus date and hour. Your user could extract the url, but this
> url would work within the current hour only.

Your sequence is pretty much what I had in mind.  I think I got caught
up in requiring the third-party server to be able to determine if the
user was authenticated via their Google account.  Your MD5 suggestion
is super simple and would work good enough for my purposes.  If it
doesn't, I can always enhance it with something like your multi
redirection approach.

Thanks!
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en
-~--~~~~--~~--~--~---

[google-appengine] Re: Interact with external server for static "private" files

[Holger]

To keep browsers from viewing it all you should include the
transmitted video ID into the string (=secret+ID+datetime) which is
MD5 hashed.
> secure enough to keep casual browsers from viewing it all.

Thus an extracted url would be good for an hour of redownload of the
same video but not of another one.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en
-~--~~~~--~~--~--~---

[google-appengine] Re: Interact with external server for static "private" files

[Nick Johnson (Google)]

To further expand on what others have suggested, you can implement
this using cookies and authentication similar to what Google Accounts
does for App Engine. The flow would go something like this:

1) Your app generates a token for the currently logged in user,
consisting of their username and the current datetime HMACed with a
secret that only your app and the third-party site knows
2) Your app sends a 302 redirect to the user, redirecting them to a
login URL on the third-party server, and containing the token you
generated in step 1, along with a 'continue' URL.
3) The third party server receives and verifies the request with the
token, and issues the user a session cookie identifying them as logged
in, as well as a 302 redirect back to the continue URL you specified
in step 2.
4) Serve up links to files on the third-party service as per normal.
The third-party service checks for the presence and validity of the
session cookie generated in step 3 before serving files to a user.

This way, there's no need for 'secret' or expiring URLs. You can also
reverse the flow - have the third-party server redirect to you if the
user is not authenticated, have a handler on your app that generates
the token and redirects back to the third-party server. This may be
the better option, in fact.

You may find it simpler to use something like OAuth to achieve this,
which will take care of everything except issuing and validating the
cookie. Or you might find it easier to do yourself - but you run the
risk of making a mistake that makes your service vulnerable, of
course. Don't take my off-the-cuff description of how to generate the
token as gospel, naturally.

-Nick

On Mon, Aug 3, 2009 at 4:04 AM, jivany wrote:
>
> I've been unsuccessfully searching through the group for some pointers
> on how to implement this.
>
> Here's my scenario - I want to be able to push large images and videos
> online, files that would be larger than the current App Engine
> limits.  I want to control access to these files as if they were blobs
> in an App Engine datastore (simple stuff like controlling who can view
> them) but I want to store them on a third party server (that I have
> control over). Obviously, a direct URL to the image isn't good as
> anyone could find that. I'd need a simple backend script running on
> the third-party server.
>
> I don't really care about how the files are actually going to get
> where they need to go, I can manage that.  What I'm having trouble
> with is how to setup that third-party server with a simple script that
> would serve up the content when requested by the App Engine front end.
> That script would have to check that the request is coming from the
> front-end and for a valid (authorized) user.
>
> This seems like a pretty trivial thing to do but I can't figure out
> what I need to pull it off. Any help is appreciated!
> >
>



-- 
Nick Johnson, Developer Programs Engineer, App Engine

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com
To unsubscribe from this group, send email to 
google-appengine+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/google-appengine?hl=en
-~--~~~~--~~--~--~---