SignedJwtAssertionCredentials can be used on App Engine, just be sure to turn on PyCrypto 2.6, and convert the PKCS12 key file into a PEM file:
$ openssl pkcs12 -in xxxxx.p12 -nodes -nocerts > privatekey.pem
题
I'm using AppAssertionCredentials on my python GAE app, to authenticate as a service account. However this is a generic service account, I don't see how to authorize it to impersonate user accounts in my Google Apps Domain.
This was possible with the JWT credentials way (see this video: http://www.youtube.com/watch?v=iK14bfd6qhs) but JWT doesn't work on appengine.
any suggestions?
解决方案
SignedJwtAssertionCredentials can be used on App Engine, just be sure to turn on PyCrypto 2.6, and convert the PKCS12 key file into a PEM file:
$ openssl pkcs12 -in xxxxx.p12 -nodes -nocerts > privatekey.pem