OAuth2

Argh! The method I used to use to authenticate my Python programs on a Raspberry Pi has been shut down by Google. I’m now supposed to use something called OAuth2 (I think) but I’m struggling to get my head around it.
Could anyone give me a two sentence introduction to it, or an OAuth2 for Dummies link? Please…!

I’m assuming you were using something like OpenID to connect previously. OAuth2 works differently in that the unauthorised client (browser) will get redirected to Google (or Facebook, Twitter or whatever OAuth provider you’re offering) where they’ll log in and grant access to your application. Then the client gets given a special token by the OAuth provider and is redirected back to your application. Your app takes the token and confers with the OAuth provider behind the scenes and checks it for validity. If it’s valid the OAuth provider will also usually provide whatever data you authorised (email address, firstname, lastname, etc). At this point it’s up to you to decide what to do with the valid user; usually you set a session or integrate with some user handling library.

I’m not overly familiar with Python but there are usually some 3rd party abstraction packages that handle all the gory details for you. This one looks pretty handy and has sample code for use with Flask: https://requests-oauthlib.readthedocs.org/en/latest/

You will need to register your application with Google in order to get your client ID/etc: https://console.developers.google.com/project

I stumbled on this pretty handy reference while I was looking for the above link: https://developers.google.com/identity/protocols/OAuth2WebServer

Hope that helps, shout if you have any questions.

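The redirect, callback and behind-the-scenes exchange described in the answer above, as an added standard-library sketch that is not part of the original posts: it builds the redirect URL, checks the `state` value on the way back so a forged callback is rejected, and prepares the server-side token request without sending it. The endpoint URLs are Google's published ones as an assumption; the client ID, secret, redirect URI and function names are constructed placeholders.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Assumptions: Google's published endpoints; credentials and URI are placeholders.
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token"
CLIENT_ID = "example-client-id.apps.googleusercontent.com"
CLIENT_SECRET = "example-client-secret"
REDIRECT_URI = "https://app.example/oauth2/callback"


def build_authorization_url(scopes):
    """Step 1: URL to redirect the browser to, plus the state to store in the session."""
    state = secrets.token_urlsafe(32)
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": " ".join(scopes),
        "state": state,
    })
    return f"{AUTH_ENDPOINT}?{query}", state


def handle_callback(callback_url, expected_state):
    """Step 2: validate the redirect back to the app and return the one-time code."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError(f"provider returned error: {params['error'][0]}")
    state = params.get("state", [""])[0]
    if not expected_state or not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    code = params.get("code", [""])[0]
    if not code:
        raise ValueError("callback carried no authorization code")
    return code


def token_request(code):
    """Step 3: endpoint and form body the server POSTs behind the scenes (not sent here)."""
    return TOKEN_ENDPOINT, {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,
        "client_id": CLIENT_ID,
        "client_secret": CLIENT_SECRET,
    }
```

The client secret only ever appears in the step 3 request, which goes from your server to the provider and never through the browser.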