警告:本页面介绍的是 Google 的旧版 API,即 Google 数据 API;它仅与 Google 数据 API 目录中列出的许多 API 相关,其中许多 API 已替换为较新的 API。如需了解特定新 API,请参阅新 API 的文档。如需了解如何使用较新的 API 向请求授权,请参阅 Google 帐号身份验证和授权。
重要提示:对于新应用,请勿使用 StreetView。请改用安全性更高的 OAuth 身份验证协议。届时,系统将不会响应 Paging 请求。如果您的现有应用均使用 SafeFrame,我们建议您迁移到 OAuth。此库中的 Paging 支持将在下一个主要版本中被移除。
本文档介绍了如何在每个 Google Data API 客户端库中使用 Google 的安装式应用身份验证。
如果已安装的应用需要访问用户的私有数据(受 Google 或 G Suite 帐号保护),则可以使用 Paging 作为程序化方式对用户进行身份验证。“已安装的应用”是指安装在桌面设备或手机等设备(而非 Web 应用)上的应用。
构建 Web 应用?
不建议让 Web 应用使用 Paging 作为其身份验证方法。请改为参阅将 AuthSub 与 Google Data API 客户端库搭配使用。
观众
本文档适用于想要编写通过 Google 数据 API 客户端库访问 Google 数据服务的应用的开发者。本文档假定您熟悉 Paging 接口。有关 EGL 协议的完整说明,请参阅安装式应用的身份验证。
Google Data API 客户端库提供在应用中使用 Paging 的方法。具体而言,您可以通过多种方法来获取身份验证令牌、处理人机识别系统验证、找回身份验证令牌以供日后使用,以及在每次请求中发送正确的 Authorization 标头。
在没有客户端库的情况下使用 StreetView API 和 Google 数据 API
客户端库绝不是在您的应用中使用 Paging 的唯一方式。您需知悉的所有内容都可以参阅 Paging 文档的针对已安装应用的身份验证。不过,这些客户端库提供了在 Google Data 应用中使用 Paging 的实用方法。
使用 Paging 和 Google Data API:客户端库示例
本部分将举例说明如何使用 Google Data API 客户端库按照 EGL 文档中的“StreetView 接口”部分中所述的步骤操作。
本文档中的各个示例演示了如何与 Google 日历交互(尽管您无需了解 Calendar Data API 即可参考示例)。
获取身份验证令牌
如需使用 Paging,您的应用应该为处理程序 Paging 的处理程序 https://www.google.com/accounts/ClientLogin 创建 HTTPS POST。POST 正文的结构应为采用默认编码 application/x-www-form-urlencoded 的表单帖子。您可以使用其中一个客户端库,通过一行代码发出此请求。
以下示例会首先设置一个连接到 Calendar Data API 的服务对象,然后将 HTTP POST 设置为 Paging 处理程序。
Java
import com.google.gdata.client.*; import com.google.gdata.client.calendar.*; CalendarService client = new CalendarService("yourCompany-yourAppName-v1"); client.setUserCredentials("user@example.com", "pa$$word");
If you know your users will be using a G Suite account (as opposed to a Google/Gmail Account), you can streamline the login process by specifying the appropriate ClientLogin account type:
import com.google.gdata.client.*; import com.google.gdata.client.calendar.*; CalendarService client = new CalendarService("yourCompany-yourAppName-v1"); client.setUserCredentials("user@example.com", "pa$$word", ClientLoginAccountType.HOSTED);
.NET
using Google.GData.Client; using Google.GData.Calendar; CalendarService client = new CalendarService("yourCompany-yourAppName-v1"); client.setUserCredentials("user@example.com", "pa$$word"); client.QueryAuthenticationToken(); // Authenticate the user immediately
If you know your users will be using a G Suite account (as opposed to a Google/Gmail Account), you can streamline the login process by specifying the appropriate ClientLogin account type:
using Google.GData.Client; using Google.GData.Calendar; GDataGAuthRequestFactory authFactory = new GDataGAuthRequestFactory("cl", "yourCompany-yourAppName-v1"); authFactory.AccountType = "HOSTED"; CalendarService client = new CalendarService(authFactory.ApplicationName); client.RequestFactory = authFactory; client.setUserCredentials("user@example.com", "pa$$word"); client.QueryAuthenticationToken(); // Authenticate the user immediately
PHP
require_once 'Zend/Loader.php';
Zend_Loader::loadClass('Zend_Gdata_ClientLogin');
Zend_Loader::loadClass('Zend_Gdata_Calendar');
$serviceName = Zend_Gdata_Calendar::AUTH_SERVICE_NAME; // predefined service name ('cl') for calendar
$applicationName = 'yourCompany-yourAppName-v1';
// Create an authenticated HTTP client
$httpClient = Zend_Gdata_ClientLogin::getHttpClient('user@example.com', 'pa$$word', $serviceName, null, $applicationName);
$client = new Zend_Gdata_Calendar($httpClient, $applicationName); // Create an instance of the Calendar service
If you know your users will be using a G Suite account (as opposed to a Google/Gmail Account), you can streamline the login process by specifying the appropriate ClientLogin account type:
require_once 'Zend/Loader.php';
Zend_Loader::loadClass('Zend_Gdata_ClientLogin');
Zend_Loader::loadClass('Zend_Gdata_Calendar');
$serviceName = Zend_Gdata_Calendar::AUTH_SERVICE_NAME;
$applicationName = 'yourCompany-yourAppName-v1';
$accountType = 'HOSTED';
$httpClient = Zend_Gdata_ClientLogin::getHttpClient(
'user@example.com', 'pa$$word', $serviceName, null, $applicationName, null, null, null, $accountType);
$client = new Zend_Gdata_Calendar($httpClient, $applicationName);
Python
如果您使用的是基于 GDClient 的较新的 v2.0 类,请使用:
import gdata.calendar.client email = 'user@example.com' password = 'pa$$word' application_name = 'yourCompany-yourAppName-v1' client = gdata.calendar.client.CalendarClient() auth_token = client.ClientLogin(email, password, application_name, service='cl')
If you know your users will be using a G Suite account (as opposed to a Google/Gmail Account), you can streamline the login process by specifying the appropriate ClientLogin account type:
auth_token = client.ClientLogin(email, password, application_name, account_type='HOSTED', service='cl')
Alternatively, if you're using the older v1.0 classes based off of GDataService, the calls are a bit different:
import gdata.calendar.service email = 'user@example.com' password = 'pa$$word' application_name = 'yourCompany-yourAppName-v1' client = gdata.calendar.service.CalendarService() client.ClientLogin(email, password, source=application_name) # OR, you can use ProgrammaticLogin() client = gdata.calendar.service.CalendarService(email=email, password=password, source=application_name) client.ProgrammaticLogin()
与在 v2.0 及更高版本中一样,如果您的用户使用的是 G Suite 帐号,您可以指定适当的 EGL 帐号类型:
import gdata.calendar.service client = gdata.calendar.service.CalendarService() client.ClientLogin('user@example.com', 'pa$$word', account_type='HOSTED', source='yourCompany-yourAppName-v1')
See the request parameters section for a
detailed explanation of each ClientLogin parameter. A complete list of available service names is available in the FAQ.
Note: By default, the client libraries set an account-type parameter to
HOSTED_OR_GOOGLE. That means ClientLogin will first try to authenticate the user's credentials as a G Suite account. If that fails,
it will try to authenticate as a Google Account. This becomes tricky if user@example.com is both a Google Account and a G Suite account.
In that special case, set the account type to GOOGLE if the user wishes to use the Google Accounts version of user@example.com.
Once the login information has been successfully authenticated, Google returns a token, which your application will reference each time
it requests access to the user's account, such as to GET or POST data. The token remains valid for a set length of time,
defined by whichever Google service you're working with. Typically, tokens remain valid for 2 weeks.
Recalling an auth token
After your application has authenticated the user once, there's no need for them to input their credentials again.
We recommend storing the Auth token in your database and recalling it as necessary. That will save the overhead of an additional
HTTPS POST and a possible CAPTCHA challenge.
The libraries provide getters/setters for accessing the token:
Java
String token = '12345abcde'; // TODO: Read user's token from your database client.setUserToken(token); UserToken auth_token = (UserToken) client.getAuthTokenFactory().getAuthToken(); token = auth_token.getValue(); // token is '12345abcde'
.NET
String token = '12345abcde'; // TODO: Read user's token from your database client.SetAuthenticationToken(token); GDataGAuthRequestFactory requestFactory = (GDataGAuthRequestFactory) client.RequestFactory; token = requestFactory.GAuthToken; // token is '12345abcde'
PHP
$token = '12345abcde'; // TODO: Read user's token from your database $client->getHttpClient()->setClientLoginToken($token); $token = $client->getHttpClient()->getClientLoginToken(); // $token is '12345abcde'
Python
If you're using the newer v2.0+ classes based off of GDClient, use:
import gdata.gauth token = '12345abcde' # TODO: Read user's token from your database client.auth_token = gdata.gauth.ClientLoginToken(token) token = client.auth_token.token_string # token is '12345abcde'
If you're using the older v1.0 classes based off of GDataService, the process is a bit different.
token = '12345abcde' # TODO: Read user's token from your database client.SetClientLoginToken(token) token = client.GetClientLoginToken() # token is '12345abcde'
Handling CAPTCHA challenges
A failure response from ClientLogin contains an error code and a URL to an error page that can be displayed to the user. If the error code is a CAPTCHA challenge, the response also includes a URL to a CAPTCHA image and a special token. Your application should be able to solicit an answer from the user and then retry the login request.
Java
String email = "user@example.com";
String password = "pa$$word";
try {
client.setUserCredentials(email, password);
} catch (CaptchaRequiredException e) {
System.out.println("Please visit " + e.getCaptchaUrl());
System.out.print("Answer to the challenge? ");
BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
String answer = in.readLine();
service.setUserCredentials(email, password, e.getCaptchaToken(), answer);
} catch (AuthenticationException e) {
System.out.println(e.getMessage());
}
.NET
try
{
client.setUserCredentials("user@example.com", "pa$$word");
client.QueryAuthenticationToken(); // Authenticate the user immediately
}
catch (CaptchaRequiredException e)
{
Console.WriteLine("Please visit " + e.Url);
Console.Write("Answer to the challenge? ");
String answer = Console.ReadLine();
GDataGAuthRequestFactory requestFactory = (GDataGAuthRequestFactory) client.RequestFactory;
requestFactory.CaptchaAnswer = answer;
requestFactory.CaptchaToken = e.Token;
client.QueryAuthenticationToken(); // authenticate the user again
}
catch (InvalidCredentialsException e)
{
Console.WriteLine(e.Message);
}
catch (AuthenticationException e)
{
Console.WriteLine(e.Message);
}
PHP
$email = 'user@example.com';
$password = 'pa$$word';
$serviceName = 'cl'; // 'cl' is the service name for the Calendar API
$appName = 'yourCompany-yourAppName-v1';
try {
$httpClient = Zend_Gdata_ClientLogin::getHttpClient($email, $password, $serviceName, null, $appName);
} catch (Zend_Gdata_App_CaptchaRequiredException $e) {
echo '<a href="' . $e->getCaptchaUrl() . '">CAPTCHA answer required to login</a>';
$answer = 'Your answer to the challenge';
$httpClient = Zend_Gdata_ClientLogin::getHttpClient(
$email, $password, $serviceName, null, $appName, $e->getCaptchaToken(), $answer);
} catch (Zend_Gdata_App_AuthException $e) {
echo 'Error: ' . $e->getMessage();
if ($e->getResponse() != null) {
echo 'Body: ' . $e->getResponse()->getBody();
}
}
Python
如果您使用的是基于 GDClient 的较新的 v2.0 类,请使用:
import gdata.client try: client.ClientLogin(email, password, application_name, service='cl') except gdata.client.CaptchaChallenge as challenge: print 'Please visit ' + challenge.captcha_url answer = raw_input('Answer to the challenge? ') client.ClientLogin(email, password, application_name, captcha_token=challenge.captcha_token, captcha_response=answer) except gdata.client.BadAuthentication: exit('Users credentials were unrecognized') except gdata.client.RequestError: exit('Login Error')
如果您使用的是基于 GDataService 的旧版 v1.0 类,则过程略有不同。
import gdata.service email = 'user@example.com' password = 'pa$$word' application_name = 'yourCompany-yourAppName-v1' try: client.ClientLogin(email, password, source=application_name) except gdata.service.CaptchaRequired: print 'Please visit ' + client.captcha_url answer = raw_input('Answer to the challenge? ') client.ClientLogin(email, password, source=application_name, captcha_token=client.captcha_token, captcha_response=answer) except gdata.service.BadAuthentication: exit('Users credentials were unrecognized') except gdata.service.Error: exit('Login Error')
如需详细了解人机识别系统验证,请参阅“适用于已安装应用的身份验证”文档的 StreetView 响应部分。
其他资源和示例
- Google 数据 API 提示博客中的 Paging 示例
- 针对已安装应用的身份验证