How to forward domain requests to gae url - google-app-engine

I have different customers who own each their own hosted saas page on my gae app. for example:
myapp.appspot.com/customer/123
myapp.appspot.com/customer/456
each of the customers may want his domain name for example theBigDomain.com to "invisibilly" forward to myapp.appspot.com/customer/123
Please notice I want theBigDomain.com/myservlet?id=theId#aBookmarkUrl to be transmitted to the target url as myapp.appspot.com/customer/123/myservlet?id=theId#aBookmarkUrl
I searched for the google documentation and I can't find a way to do that.
Note: I don't want a redirect where the person who types theBigDomain.com finds he's not there anymore, and I don't want a frame to include my url in the theBigDomain.com since I want the user to be able to click on the back button.
In short, I want the domains to work as proxies, knowing that from what I know, proxies are not good for some content, for exampe, if my target link has a youtube video, this might not work. So I'm asking if there is a way to do a dns redirect for a url and not a domain???
Using subdomains is also limited: creating a subdomain for each customer will be a tedious work...

Using subdomains is also limited: creating a subdomain for each customer will be a tedious work...
How so? This could actually be a lot easier for you/your customers since your customers wouldn't have to deal with domain verification/DNS settings and all you would need to do is add one * (wildcard) host to your main domain pointing to ghs.googlehosted.com and adding *.yourdomain.com in your GAE apps's settings. In your app, in your framework of choice you would then see what subdomain the request came to and and handle it as the customer's unique id (instead of 123/456). See here how you would determine the subdomain on python/webapp2. If you're using a different combination of language/framework - there are alternatives functions as well.
If you still want the customers to use their own domains then it gets a little more complicated. First, they need to provide the full domain name to you, you then add it to your GAE app's settings. Next, you and your customers need to follow one of the verifications steps listed on this page: https://support.google.com/a/answer/60216?hl=en and once that is complete you would need to ask your customers to create a CNAME record on their domains/subdomains pointing to ghs.googlehosted.com. Once the CNAME record is created, you would handle this just like the if these were subdomains on your own domain, i.e. in your framework determine what domain the request came to and handle it as a customer's unique ID to serve that customer's app.

Related

How to add Single sign-on support for bots to existing application?

Currently we have an application in production that allows for Single sign-on in tabs, we followed https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-aad-sso and this works well.
For this to work an Application ID URI is set, like so: api://www.domainusedintab.com/378271d1-b8e4-4f01-a9bb-e724dbec43c8, where 378271d1-b8e4-4f01-a9bb-e724dbec43c8 is some application ID.
We now want to add Single sign-on support for bots, like described in https://learn.microsoft.com/en-us/microsoftteams/platform/bots/how-to/authentication/auth-aad-sso-bots. To make this work a change is needed to the Application ID URI, api://botid-5d417275-b104-462e-9998-2b2b0ec4244f, where 5d417275-b104-462e-9998-2b2b0ec4244f is the ID of the bot service.
The problem is that it's not clear on how to combines these two into a single Application ID URI, based on the previous documentation pages it seems it's one way or the other.
We tried to just tack on /botid-5d417275-b104-462e-9998-2b2b0ec4244f after our current Application ID URI, to make api://www.domainusedintab.com/378271d1-b8e4-4f01-a9bb-e724dbec43c8/botid-5d417275-b104-462e-9998-2b2b0ec4244f. This seems to work fine... But it also seems like a bit of a hack that might break at any time.
Are there any resources on how to properly solve this?
We can add the existing bots to the existing application to work on SSO. We need to add the web applcation info in the manifest to view the changes in the application. For more information please check Single sign-on (SSO) support for bots
As it turns out, it is possible to provide multiple Application ID URIs for an App registration. This is not available through the Expose an API interface, you need to change it directly in the manifest. The identifierUris field holds the Application ID URIs — the current one from the Expose an API interface should be the only item here.

Validating Sender Addresses in Appengine

My app needs to send emails from several addresses: noreply#, accounts# and support#, for instance. Now I'm setting up country-specific domains.
To send emails from Appengine, the sender address has to be a registered admin. To become an admin, you need to have a Google Apps account. But it appears you can't use aliases ("nicknames") - when you click the invite link, you have to log in, which you can't do as an alias. I think this also means I can't set up the country-specific domains as alias domains in Google Apps.
I'm not a cheapskate, but paying $50 per account (three accounts times five domains - $2,250) per year purely to validate the sender addresses is a bit rich. Am I missing something blindingly obvious?
Unfortunately that's how it currently works.
From what I understand GAE team is working on alternate solutions and while they figure out something they offer an AppEngine credit.
But that only works once per App.
We handle this by using an external service (SendGrid, that introduced a pay-as-you-go offer with the same pricing as AppEngine). However if you want full DKIM or other features it becomes much more expensive.

How can I reset the domain-verification process in Google Apps for Business?

As part of my App Engine application, I decided to configure an already-purchased custom domain name that would point to the app. To do this, I was directed to use Google's Apps for Business product.
Unfortunately, verification of the custom domain went bad, which was a surprise, because Google contacted my domain registrar directly. A week passed, and the domain was still listed as undergoing verification.
Is there a way I can restart the process, and hopefully complete it by a different method?
Have a look at this page:
http://support.google.com/a/bin/answer.py?answer=96917
Click on the first radio button ("I'm receiving the message 'This domain is already in use.'")
Toward the bottom of the page, there will be a URL template:
https://www.google.com/a/cpanel/<your domain name>/VerifyAdminAccountPasswordReset
Sign into your Google Apps account, then substitute your domain name in the above URL-template where indicated.
When you visit the resulting URL, Google will ask you for an email address. You will then get an email supplying data values for a new CNAME record you can add at your domain-registrar's website. If you do that correctly, Google will then consider your custom domain as verified.

CakePHP multisite (like WPMU + domain mapping)... possible?

So I'm just starting to play with CakePHP and was wondering if the following was possible:
A single install of Cake, with a super admin login. Then, admins that have access to specified "sub sites", and the ability to create/edit content and users on those sub sites. Finally, the ability to map domain names (not subdomains, but unique domains) to the routes; so instead of mysite.com/subsite/posts/1 it would just be newdomain.com/posts/1
Essentially, I'm looking to replicate the experience of using Wordpress Multi-user (with domain mapping).
Is this possible? If so, what should I be looking into?
Sure. You can even use the same set of code and just configure certain domains to point to the code. Then in the code base, tie a domain ID to each user and the content so it knows where it belongs. You can have admin users belong to all domains. Then when you add regular users, you can specify what domain they belong to.
You could establish the domain checking in the Config/bootstrap.php and then set the configuration for the domain like so:
Configure::write('domain_id', 'someDomainSpecificID');
Then you only have to maintain one set of code and one database from many domains.
If the domains have to be physically separate, you could set up one location for the ADMIN users (single database) and run everything against that.
There are many ways you could architect it, it just depends on what your specific needs are. It sounds like a cool project though.

How to handle 3rd-level domains in Google App Engine?

I develop Google App Engine application and want to provide separate 3rd-level domain for each registered user (e.g. username.example.com).What is the best way to handle such kind of features in App Engine?
Currently I see the only one way - set wildcard DNS A-record CNAME-record to point to the application's main address, handle all requests in the central request handler, then parse request's URL, fetch username from URL, and then apply logic neccessary for specified user. But it looks like error-prone approach since it involves manual work and assumptions.
You can't use an wildcard A record wildcard to point to the app; A records point to a single IP address and App Engine apps don't have a single IP address.
You need to use a wildcard CNAME record pointing to ghs.google.com.
Then, in your application, parse the hostname and act appropriately. I'm not sure what you mean by "manual work and assumptions"; it's fairly trivial to split the hostname on . and lookup whether there's a user registered with the first part of the hostname in your database.

Resources