1
votes

I'm developing an App for the Google Apps Marketplace with Java and Appengine.

I need to know whether the user making the request to my app is logged in with a Google account. If the user is logged in, I want to run the app using OAuth2 with a "Service Account" to make the API calls. One solution that occurred to me is to use:

    <security-constraint>
      <web-resource-collection>
        <web-resource-name>any</web-resource-name>
        <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <role-name>*</role-name>
      </auth-constraint>
    </security-constraint>

In the "web.xml" file.

However, the Google Apps Marketplace managers have told me that I cannot use this system. Nor can I use the OAuth2 flow (Client ID for web application), because the user doesn't need to accept the scopes if the admin has already accepted these scopes.

What alternative would you use? Why can't I use the ""?

Thanks in advance and regards.

1
Why don't you use the Google User API to check whether the user is logged in or not, like this: UserService userService = UserServiceFactory.getUserService(); com.google.appengine.api.users.User user = userService.getCurrentUser(); - Waqas Ali

1 Answer

0
votes

I would recommend you use the Google Java Client library and App Engine support. There's a specific sample that demonstrates how to use a Service Account on App Engine with Cloud Storage, but the technique should be the same for whatever API you plan to use (like the Admin SDK).
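
A programmatic form of the login check from the comment, combined with the App Engine service-account credential the answer refers to, as an added example (not code from this thread or from the Google sample). The class name, the request attribute names and the scope are assumptions; it needs the App Engine SDK and google-api-client-appengine on the classpath, and has to be mapped as a filter in web.xml.

```java
import com.google.api.client.googleapis.extensions.appengine.auth.oauth2.AppIdentityCredential;
import com.google.appengine.api.users.User;
import com.google.appengine.api.users.UserService;
import com.google.appengine.api.users.UserServiceFactory;
import java.io.IOException;
import java.util.Collections;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/** Hypothetical filter: every request must come from a signed-in Google account. */
public class SignedInUserFilter implements Filter {
  // Assumed scope, matching a Cloud Storage read; use the scopes your API calls need.
  private static final String SCOPE = "https://www.googleapis.com/auth/devstorage.read_only";

  @Override public void init(FilterConfig config) {}
  @Override public void destroy() {}

  @Override
  public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
      throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    UserService userService = UserServiceFactory.getUserService();
    User user = userService.getCurrentUser();  // null when nobody is signed in
    if (user == null) {
      if ("GET".equals(request.getMethod())) {
        // Send the browser to Google sign-in, then back to the same path.
        response.sendRedirect(userService.createLoginURL(request.getRequestURI()));
      } else {
        // A redirect would drop the request body, so reject non-GET requests instead.
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
      }
      return;
    }
    // Signed in: pass the identity on. API calls are authorized as the app's own
    // service account, so servlets must still decide what this user may see.
    request.setAttribute("currentUser", user);
    request.setAttribute("serviceCredential",
        new AppIdentityCredential(Collections.singletonList(SCOPE)));
    chain.doFilter(req, res);
  }
}
```

Because the service account credential is the same for every caller, any per-user or per-domain authorization has to be enforced in the application using the `User` object, not by the credential.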