Google Supports developers by providing lots of API for each and every service they provide. By using those APIs, developers can communicate with Google and get feeds from any of thier services by developing a web based application or a installable client application. Before starting to get feeds and post feeds to Google accounts from the application, the developers must get the user's Google account authenticated. To do that user credentials such as email id with password must be send to Google and if the credentials are correct then Google will send back a authorizing token using which developers can start getting feeds and process them.


To authenticate a user, use Google account API, that allow third party application to get limited access to a user's Google accounts for certain types of activities. The Google Authorization Service manages authentication, authorization, and access control to user accounts, subject to approval from the account holder. Google offers several account authorization APIs to accomodate different types of access. Google provides three types of access authorization methods. They are

• AuthSub for web applications
• OAuth for both web and installed applications
• ClientLogin for installed applications

Now let me explain authenticating with ClientLogin for installed desktop application and will explain others in the future post. I have used action script with flex SDK, but u can try with other technologies with minor changes in the code.

Download the Full Code
First send a http request to Google using HTTPService class with the user name and password by POST.

<mx:HTTPService id="Google"
url="https://www.google.com/accounts/ClientLogin"
method="POST"
contentType="application/x-www-form-urlencoded"
result="handleLoginPlain(event);"
fault="handleLoginFault(event);" >
<mx:request xmlns="">
<accountType>HOSTED_OR_GOOGLE</accountType>
<Email>UrEmail@gmail.com</Email>
<Passwd>UrPassword</Passwd>
<source>OrganizationName-AppName-Version</source>
<service>ServiceUrgoing2use</service>
</mx:request>
</mx:HTTPService>Then scripts must be written to handle the result and failure.

<mx:Script>
<![CDATA[
import mx.rpc.events.FaultEvent;
import mx.rpc.events.ResultEvent;
import mx.controls.Alert;

[Bindable]
private var authString:String;

public function init():void {
Google.send();
}

private function handleLoginPlain(event:ResultEvent):void
{
var textindex:int;

trace("Event result "+event.result.toString());
authString = event.result.toString();
textindex = authString.search("Auth");
authString = authString.substring(textindex);
authString = authString.replace("Auth=","");
textindex = authString.length;
textindex = textindex - 1;
authString = authString.substring(0,textindex);

trace("Auth String "+authString);
}

public function handleLoginFault(event:FaultEvent):void
{
Alert.show("Login Error");
trace("Client Login Error Message"+event.message);
}
]]>
</mx:Script>
Explanation of the code:
First all the neccessary information for making a request are set in the HTTPService method. Dont forget to give a valid email and password in the class, otherwise you cannot get authorization. Then the request is send only in the scripting part in the init() function with will be called when application load completes by setting the tag "applicationComplete="init()"". The handlers are already set in the mx tag to handle the result event and failure event. A success response contains the authorization token, labeled "Auth", in the body of the response. Your application must reference this token in each request to the Google service for this user. Additional cookies, labeled "SID" and "LSID", are not currently active and should not be used. A failure response contains an error code and a URL to an error page that can be displayed to the user.

Check this links to get still more information from Google:

• Getting Started with Account Authorization
• CleineLogin For Installed Applications