• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Ron McLeod
  • Carey Brown
Bartenders:
  • Paweł Baczyński
  • Piet Souris
  • Vijitha Kumara

questions regarding Google oauth for java desktop app

 
Ranch Hand
Posts: 510
Google Web Toolkit Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hello,
i'm writing a java desktop app (namely an oppeoffice plugin). one of the requirements it to authenticate the user with Google using oauth.

i found two options:
1- using http://code.google.com/apis/accounts/docs/OAuth.html . for this method i need to use an embedded tomcat Lite server and also an embedded java Browser (SWT Browser).
2-the second option is to use ClientLogin for Installed Applications ( http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html)

my question : which login method you advise me to use? the first one is complicated requiring an embedded browser and server but seems powerful . the second method is simple but probably my users will feel their login is not secure because i'll be asking them to input their google username and password even-though i'll not store them.
can you advise me which option to use for my desktop application, and mention the pros and cons of both authentication methods mentioned above?

my second question is : will it be safe if i encrypt the google "access_token" and store it in user hard disk? will this pose any security risks?

thanks.
 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The best method will be to use OAuth2.0 for installed applications.
 
Yahya Elyasse
Ranch Hand
Posts: 510
Google Web Toolkit Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Sandy Marar wrote:The best method will be to use OAuth2.0 for installed applications.


is OAuth2.0 any different from OAuth 1? where is the documentation for OAuth2.0 desktop client support?

thanks
 
Sandy Marar
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OAuth 2.0 is considered to be a bit more easier to implement.I am also discovering the usefulness of OAuth 2.0 as I write this.The documentation can be found in the following link

http://code.google.com/apis/youtube/2.0/developers_guide_protocol_oauth2.html
 
Yahya Elyasse
Ranch Hand
Posts: 510
Google Web Toolkit Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Sandy Marar wrote:OAuth 2.0 is considered to be a bit more easier to implement.I am also discovering the usefulness of OAuth 2.0 as I write this.The documentation can be found in the following link

http://code.google.com/apis/youtube/2.0/developers_guide_protocol_oauth2.html


thank you this seems interesting. i'll try reading this new OAuth2.0 documentation.
 
Sandy Marar
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your welcome!...Its always a better option as it is considered to be more secure.
 
A day job? In an office? My worst nightmare! Comfort me tiny ad!
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!