
I have an appspot application in Python.

Requirement:

Custom login screen in application where Google users can sign in. Setting up appropriate sessions so that even if user tries to open Google Mail or any authenticated Google site it should open directly without asking username and password. I don't want to redirect them to Google login page.

Things that I've tried so far:

1st Approach

1) Using ClientLogin, validate username and password in py
    - Get Auth token
    - Using Auth token retrieve Cookies
    - Redirect to secured appspot url by setting up the Cookies.

Now this should ideally take me to the secured url of appspot application. But it's showing the Google Login page.

Source code: http://pastebin.com/wfZ8eDGM http://stackoverflow.com/questions/101742/how-do-you-access-an-authenticated-google-app-engine-service-from-a-non-web-py

2nd Approach

1) Plainly copied the html source from Google Login page and pasted it in login.html as described here: http://stackoverflow.com/questions/13815084/custom-google-apps-login-page/13815342#13815342
2) Upon clicking login button, it's showing "Oops! Your browser seems to have cookies disabled. Make sure cookies are enabled or try opening a new browser window." But cookies are enabled in browser.

Source code: http://pastebin.com/N7thPc3u

Is there anything that I am missing? Or is there any other approach for doing this?

Kartik Domadiya
  • You can't do this by design. – Tim Hoffman Apr 26 '14 at 06:38
  • Thanks for the answers. Are you sure? As such I found some apps like gLogin and CloudPages in the marketplace that do a similar kind of thing. – Kartik Domadiya Apr 26 '14 at 06:41
  • Users always log in via a Google login page if you are using a Google account. I have never seen a situation where you can't. – Tim Hoffman Apr 26 '14 at 06:43
  • Actually there is a requirement of a custom login page in my appspot app. So looking for alternatives if any. The users of this app are ok if they have to enter username and password in the app rather than in Google Login. – Kartik Domadiya Apr 26 '14 at 06:46
  • Client login won't work for you. – Mahesh Thumar Apr 26 '14 at 07:20
  • CloudPages is an installable app from the Google Apps marketplace, which means it can bypass the Google login page, so long as that user is already authenticated. – Gwyn Howell Apr 26 '14 at 09:16
  • That's different, they have still logged in via a Google login page. The question is about a custom login page. – Tim Hoffman Apr 26 '14 at 10:31
  • I have an appengine application that has its own basic auth login, and only runs over SSL, with a custom login page, but it's all implemented within the application. – Tim Hoffman Apr 26 '14 at 10:32
  • Yeah. But does your app maintain Google session parameters? – Kartik Domadiya Apr 28 '14 at 05:01
  • If this was possible this would be a security bug. Users need to have a session cookie on the .google.com domain in order to use other Google services and you can't set a cookie there. Also it's a terrible idea to use ClientLogin and force your users' passwords to go through your possibly insecure application. Why would you want that? – Eduardo Apr 29 '14 at 17:09

1 Answer


For hosted Google applications, you could use SAML (Google is the SP, and your service can act as the IdP): https://developers.google.com/google-apps/sso/saml_reference_implementation

capybaras
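With Google as SP and your app as IdP, the custom login page is reached through a SAML AuthnRequest that your app must decode and check before it shows the form. The Python below is an added example (not code from the answer or from Google's reference implementation) of that request-side handling, assuming the standard SAML 2.0 HTTP-Redirect encoding; the ACS allowlist, size cap, `encode_sample` helper and sample request are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
MAX_XML_BYTES = 64 * 1024  # assumed cap on the inflated request size
# Assumed allowlist: the only ACS URL this IdP will ever post an assertion to.
ALLOWED_ACS = {"https://www.google.com/a/example.com/acs"}

def inflate_request(saml_request):
    """Undo the HTTP-Redirect binding encoding: base64, then raw DEFLATE."""
    raw = base64.b64decode(saml_request, validate=True)
    d = zlib.decompressobj(-15)  # -15 = raw DEFLATE, no zlib header
    xml = d.decompress(raw, MAX_XML_BYTES)
    if not d.eof:  # stream did not finish within the cap: oversized or truncated
        raise ValueError("AuthnRequest is truncated or exceeds size limit")
    return xml

def parse_authn_request(saml_request):
    """Return the fields the IdP needs before showing its own login form."""
    xml = inflate_request(saml_request)
    if b"<!DOCTYPE" in xml or b"<!ENTITY" in xml:
        raise ValueError("DTDs are not allowed in SAML messages")
    root = ET.fromstring(xml)
    if root.tag != "{%s}AuthnRequest" % SAMLP:
        raise ValueError("not an AuthnRequest")
    acs = root.get("AssertionConsumerServiceURL")
    if acs not in ALLOWED_ACS:  # never post assertions to a caller-chosen URL
        raise ValueError("unexpected ACS URL: %r" % acs)
    return {
        "id": root.get("ID"),  # echoed as InResponseTo in the Response
        "acs": acs,
        "issuer": root.findtext("{%s}Issuer" % SAML),
    }

def encode_sample(xml):
    """Build a constructed SAMLRequest the way an SP would (demo input only)."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(c.compress(xml) + c.flush()).decode()

SAMPLE_XML = (  # constructed sample, not a captured Google request
    b'<samlp:AuthnRequest xmlns:samlp="%s" ID="_constructed123" Version="2.0" '
    b'AssertionConsumerServiceURL="https://www.google.com/a/example.com/acs">'
    b'<saml:Issuer xmlns:saml="%s">google.com</saml:Issuer>'
    b"</samlp:AuthnRequest>" % (SAMLP.encode(), SAML.encode())
)
```

After the user authenticates on your own page, the IdP posts a signed SAML Response to the validated ACS URL with `InResponseTo` set to the returned `id`; the browser then gets its Google session from Google itself, so the app never sets cookies for `.google.com`.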