File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

questions regarding Google oauth for java desktop app

 
Yahya Elyasse
Ranch Hand
Posts: 510
Eclipse IDE Google Web Toolkit Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hello,
i'm writing a java desktop app (namely an oppeoffice plugin). one of the requirements it to authenticate the user with Google using oauth.

i found two options:
1- using http://code.google.com/apis/accounts/docs/OAuth.html . for this method i need to use an embedded tomcat Lite server and also an embedded java Browser (SWT Browser).
2-the second option is to use ClientLogin for Installed Applications ( http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html)

my question : which login method you advise me to use? the first one is complicated requiring an embedded browser and server but seems powerful . the second method is simple but probably my users will feel their login is not secure because i'll be asking them to input their google username and password even-though i'll not store them.
can you advise me which option to use for my desktop application, and mention the pros and cons of both authentication methods mentioned above?

my second question is : will it be safe if i encrypt the google "access_token" and store it in user hard disk? will this pose any security risks?

thanks.
 
Sandy Marar
Greenhorn
Posts: 16
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The best method will be to use OAuth2.0 for installed applications.
 
Yahya Elyasse
Ranch Hand
Posts: 510
Eclipse IDE Google Web Toolkit Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sandy Marar wrote:The best method will be to use OAuth2.0 for installed applications.

is OAuth2.0 any different from OAuth 1? where is the documentation for OAuth2.0 desktop client support?

thanks
 
Sandy Marar
Greenhorn
Posts: 16
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OAuth 2.0 is considered to be a bit more easier to implement.I am also discovering the usefulness of OAuth 2.0 as I write this.The documentation can be found in the following link

http://code.google.com/apis/youtube/2.0/developers_guide_protocol_oauth2.html
 
Yahya Elyasse
Ranch Hand
Posts: 510
Eclipse IDE Google Web Toolkit Java
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sandy Marar wrote:OAuth 2.0 is considered to be a bit more easier to implement.I am also discovering the usefulness of OAuth 2.0 as I write this.The documentation can be found in the following link

http://code.google.com/apis/youtube/2.0/developers_guide_protocol_oauth2.html

thank you this seems interesting. i'll try reading this new OAuth2.0 documentation.
 
Sandy Marar
Greenhorn
Posts: 16
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your welcome!...Its always a better option as it is considered to be more secure.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic