Building on my previous post, here are some things I learned today while working to get OpenID and oAuth playing nicely with Django on App Engine.
While App Engine has a very nice login system that hooks seamlessly into Google Accounts, gaining access to the user’s data via one of the Gdata feeds requires an additional authorization (you would use oAuth of course). However, Google has also introduced a federated login method whereby you can send the user to one screen where they both login and approve your access via oAuth to their data. So, I gave up development speed in favor of something that is hopefully simpler for my users. If you want to know more, Joseph Smarr of Plaxo has a good writeup of how the hybrid OpenID + oAuth combination came about. Read more »