GWT + GAE + OAuth + Access Calendar services

Hi,

1. Here is the sample application:

http://gwtoauthsample.appspot.com/

There are 4 buttons in the application.

a. Authorize Access - Start the OAuth flow.

b. Get Calendar - to get all the calendars.

c. Add Calendar - Adds a calendar with hardcoded details.

d. Remove credentials - Removes the Oauth token for the user from our DB. Currently it does not revoke the OAuth access. For that you have to go to the calendar application and change the account settings (i.e. authorize access).

2. Web.xml has a special entry in there.

<security-constraint>

I think this protects all the pages in the application. Due to this you will see the google login page right away when you hit the application URL.

I think we can use loginservice approach for the same behavior. Can someone please try this out?

3. One special thing we do here is that GWT code calls a normal servlet. 

- Not sure on the impact of this on the application history.

- Search for 'Window'. (Also check the web.xml to find the servlet mapped to the URL)

4. All the code is put into AccessCalendar.java. Debug all the click handlers in there.

5. You can easily add a method in the RPC service to show / hide the Authorize Access button. If user credential is present in our DB then hide the button else show the button.

6. In some cases I have seen a invalid token error. Not sure why this happens. At that time I have to delete the user credentials from our DB and then all works well. I am suspecting temporary tokens as a reason for the same. But again I am not 100% sure.

Let me know if you have any questions.

Best Regards,
Vishal