a lot of documentation that I had read about how to build Marketplace's apps is telling me to use OpenID+Oauth 1.0 with 2-Legged. But reading all other information about Authentication on Google's docs is telling me OAuth 1.0 is deprecaded and should NOT be used.
So what is correct? Should I use OAuth 1.0 on Marketplace or not ?
PS: to clarify, I'm going to use Google Documents List API version 3.0 API, because on Drive SDK is impossible to know user's email, based on a File's permission set. On the File's permission set there's only the name, but I need the user's email.
Thanks,
Expanding on jonathanberi's comment,
As on this answer Google has deprecated the Oauth1 and OpenId. Google recommend using OAuth2 for all marketplace apps, especially after the new experience announcement
Here is some sample code
def get(self, *args, **kwargs):
code = self.get_argument('code', None)
error = self.get_argument('error',None)
redirect_uri = "{protocol}://{host}{path}".format( protocol = self.request.protocol,
host = self.request.host,
path = self.request.path)
flow = OAuth2WebServerFlow(
client_id = config['CLIENT_ID'],
client_secret= config['CLIENT_SECRET'],
scope = 'https://www.googleapis.com/auth/userinfo.email',
redirect_uri = redirect_uri,
access_type = 'online'
)
if code is None:
auth_uri = flow.step1_get_authorize_url()
self.redirect(auth_uri)
elif error:
self.redirect("http://error.com")
else:
credentials = flow.step2_exchange(code)
http = httplib2.Http()
http = credentials.authorize(http)
service = build('oauth2', 'v2', http=http)
user = service.userinfo().get().execute()