Using Google ClientLogin

The answer to this was much less obvious than I expected it to be, so I figured I’d blog it. If you’re using Google’s ClientLogin API for turning a username and a password into an auth token, what do you do with the token? The result of POSTing to /accounts/ClientLogin gets you three values, and Google says to “reference” the Auth=foo line and discard the rest.

The answer is to send back a header of the form Authorization: GoogleLogin auth=foo. (That is to say, your authentication token doesn’t go anywhere in the POST data, which is what I tried for a while…)

Incidentally, I’m doing this because I’m playing with Google Cloud Print. I successfully created a cloud printer printed a PDF from my phone to, uh, a shell wget command. More on that later.

13 May 2011