I have a GWT-based app deployed on Google App Engine (Java). The app uses Google Account for authentication as described here: https://cloud.google.com/appengine/docs/java/users/ and uses GWT-RPC for communicating with the backend services. I use GAE's UserService to get the user object (and email ID) in my RemoteServiceServlet.
Now I want to replace Google Account with Google Identity Toolkit (GIT) so that I can offer more login options (Email, Google, Facebook etc.) to my users. I have created a small GAE-based sample application (non-GWT) using GIT and it works well. I used the GitKitClient library for Java to do the OAuth token authentication and get the user profile on the server.
But I'm wondering how GIT would work with GWT-RPC. Would the GAE UserService still work in my RemoteServiceServlet if I switch to GIT for login (instead of Google Account)? Or do I need to do the OAuth token authentication in my RemoteServiceServlet using the GitKitClient as I do in my non-GWT sample app?
I'm very new to GIT and OAuth and would appreciate any help on this matter.
Thanks.
GAE UserService does not recognize the Google Identity Toolkit token. You need to use the Google Identity Toolkit Java library to validate the Google Identity Toolkit token in your RemoteServiceServlet, in the same way as you already implemented in your sample GAE app.