Google Data API AuthSub Authentication

In this example we will use AuthSub to authenticate to a Google service. The Google Data API provides helper methods to use AuthSub. Using AuthSub allows web applications to get a authentication token without ever handling the persons username or password.

There are three main actions it helps with, creating the redirect URL, getting the single use token and getting a session token.

AuthSubUtil methods

getRequestUrl(string continueUrl, string scope, bool secure, bool session)
This constructs the URL the user must be redirected to, to login
getTokenFromReply(Uri uri)
This extracts the single use token from the response URL
exchangeForSessionToken(string onetimeUseToken, AsymmetricAlgorithm key)
This is used to get a session token to be used for multiple requests to the service

This example will just cover the authentication process. First I created a abstract base page class which is used to store the session Token between pages.

    public abstract class BasePage: Page
        protected string AccessToken
            get { return (string)Session["GoogleAccessToken"]; }
            set { Session["GoogleAccessToken"] = value; }

Then let’s create the Login.aspx page, which redirects you to the Google to confirm the authentication.

        protected void Page_Load(object sender, EventArgs e)
            BtnLogin.Click += BtnLogin_Click;

        private void BtnLogin_Click(object sender, EventArgs e)
            const string nextUrl = "http://localhost:5315/GetToken.aspx";
            const string scope = "";
            const bool secure = false;
            const bool session = true;

            string authSubUrl = AuthSubUtil.getRequestUrl(nextUrl, scope, secure, session);


Notice that we have set the scope, this limits what access the authentication token will allow you access to.

Next lets create the GetToken.aspx page for handling the response from Google.

       protected void Page_Load(object sender, EventArgs e)
            string singleUseToken = "";

            if (!string.IsNullOrEmpty(Request.QueryString["token"]))
                singleUseToken = Request.QueryString["token"];

            if (string.IsNullOrEmpty(singleUseToken))
                Response.Write("Access Token is NULL");

            AccessToken = AuthSubUtil.exchangeForSessionToken(singleUseToken, null);


Once we have the single use security token we call the exchangeForSessionToken method to change it into a token that can be used for multiple requests to the Google service.

You can download the Using AuthSub Authentication with Google Data API project here, it also contains code for getting data from Google Webmaster Tools.


No comments yet.

Add Yours

  • Author Avatar


Comment Arrow

About Author


Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning hands down.