Doodles for Google Apps


Since 1998, when the first doodle was released, they have been one of the most loved features of the Google home page. There have been doodles to celebrate all kinds of events, including national holidays, birthdays of artists and scientists, sports competitions, scientific discoveries and even video games! Also, doodles have evolved from simple static images to complex applications, such as the interactive electric guitar used to celebrate the birthday of Les Paul.

Want your company logo to change for selected events or holidays, just like doodles? The Admin Settings API allows domain administrators to write scripts to programmatically change the logo of their Google Apps domain, and Google App Engine offers the ability to configure regularly scheduled tasks, so that those scripts can run automatically every day.

With these two pieces combined, it is pretty easy to implement a complete solution to change the domain logo on a daily basis (assuming the graphic designers have prepared a doodle for each day), as in the following screenshot:


Let’s start with a Python App Engine script called

import gdata.apps.adminsettings.service
from google.appengine.ext import webapp
from google.appengine.ext.webapp import util
from datetime import date

class DoodleHandler(webapp.RequestHandler):
  # list of available doodles
  DOODLES = {    
    '1-1': 'images/newyearsday.jpg',
    '2-14': 'images/valentinesday.jpg',
    '10-31': 'images/halloween.jpg',
    '12-25': 'images/christmas.jpg'

  # returns the path to the doodle corresponding to the date
  # or None if no doodle is available
  def getHolidayDoodle(self, date):
    key = '%s-%s' % (date.month,
    if key not in self.DOODLES:
      return None

    return self.DOODLES[key]

  # handles HTTP requests by setting today’s doodle
  def get(self):
    doodle = self.getHolidayDoodle(

    if doodle:
      service = gdata.apps.adminsettings.service.AdminSettingsService()
      // replace domain, email and password with your credentials
      // or change the authorization mechanism to use OAuth
      service.domain = 'MYDOMAIN.COM' = 'ADMIN@MYDOMAIN.COM'
      service.password = 'MYPASSWORD'
      service.source = 'DoodleApps'

      # reads the doodle image and update the domain logo
      doodle_bytes = open(doodle, "rb").read()

# webapp initialization
def main():
    application = webapp.WSGIApplication([('/', DoodleHandler)],

if __name__ == '__main__':

The script uses a set of predefined doodles which can be edited to match your list of images or replaced with more sophisticated logic, such as using the Google Calendar API to get the list of holidays in your country.

Every time the script is triggered by an incoming HTTP request, it will check whether a doodle for the date is available and, if there is one, update the domain logo using the Admin Settings API.

In order for this script to be deployed on App Engine, you need to to configure the application by defining a app.yaml file with the following content:

application: doodleapps
version: 1
runtime: python
api_version: 1

- url: .*

We want the script to run automatically every 24 hours, without the need for the administrator to send a request, so we also have to define another configuration file called cron.yaml:

- description: daily doodle update
  url: /
  schedule: every 24 hours

Once the application is deployed on App Engine, it will run the script on a daily basis and update the logo.

The magic of gzip compression

All developers agree that saving bandwidth is a critical factor for the success of a mobile application. Less data usage means faster response times and also lower costs for the users as the vast majority of mobile data plans are limited or billed on a per-usage basis.

When using any of the Google Data APIs in your application, you can reduce the amount of data to be transferred by requesting gzip-encoded responses. On average, the size of a page of users returned by the Provisioning API (100 accounts) is about 100 Kb, while the same data, gzip-encoded, is about 5 Kb — 20 times smaller! When you can reduce data sizes at this dramatic scale, the benefits of compression will often outweigh any costs in client-side processing for decompression.

Enabling gzip-encoding in your application requires two steps. You have to edit the User-Agent

string to contain the value gzip

and you must also include an Accept-Encoding

header with the same value. For example:

User-Agent: my application - gzip

Accept-Encoding: gzip

Client libraries for the various supported programming languages make enabling gzip-encoded responses even easier. For instance, in the .NET client library it is as easy as setting the boolean UseGZip flag of the RequestFactory object:

service.RequestFactory.UseGZip = true;

For any questions, please get in touch with us in the respective forum for the API you’re using.

OAuth 1.0 Tokens with the Python Client Library


The OAuth Playground is a great tool to learn how the OAuth flow works. But at the same time it can be used to generate a “long-lived” access token that can be stored, and used later by applications to access data through calls to APIs. These tokens can be used to make command line tools or to run batch jobs.

In this example, I will be using this token and making calls to the Google Provisioning API using the Python client library for Google Data APIs. But the following method can be used for any of the Google Data APIs. This method requires the token is pushed on the token_store, which is list of all the tokens that get generated in the process of using Python client libraries. In general, the library takes care of it. But in cases where it’s easier to request a token out of band, it can be a useful technique.

Step 1: Generate an Access token using the OAuth Playground.
Go through the following process on the OAuth Playground interface:

  • Choose scope(s) of every API you want to use in your application ( for the Provisioning API) . Here you can also add scopes which are not visible in the list.
  • Choose an encryption method that is the signature method to encode your consumer credentials. (“HMAC-SHA1” is the most common)
  • Enter your consumer_key and consumer_secret in the respective text fields. The consumer_key identifies your domain and is unique to each domain.

After entering all the required details you need to press these buttons on the OAuth Playground in sequence:

  • Request token: This will call Google’s OAuth server to issue you a request token.
  • Authorize: This will then redirect you to the authorization URL where you can authorize or deny access. At this point if you deny the access you will not be able to generate the Access token. Accepting this will convert the Request token generated in the last step into an Authorized Request token.
  • Access token: Finally, this step will exchange the authorized Request token for an Access token.

After the last step the text field captioned auth_token in the OAuth Playground has the required Access token and that captioned access_token_secret has the corresponding token secret to be used later.

Step 2: Use the above token when making calls to the API using a Python Client Library.

Here is an example in Python which uses the OAuth access token that was generated from OAuth Playground to retrieve data for a user.

SIG_METHOD = gdata.auth.OAuthSignatureMethod.HMAC_SHA1

DOMAIN = “your_domain”

client = gdata.apps.service.AppsService(source=”app”, domain=DOMAIN)
client.SetOAuthInputParameters(SIG_METHOD, CONSUMER_KEY, consumer_secret=CONSUMER_SECRET)
temp_token = gdata.auth.OAuthToken(key=TOKEN, secret=TOKEN_SECRET);
temp_token.oauth_input_params = client.GetOAuthInputParameters()
#Make the API calls
user_info = client.RetrieveUser(“username”)

It is important to explicitly set the input parameters as shown above. Whenever you call SetOuthToken it creates a new token and pushes it into the token_store. That becomes the current token. Even if you call SetOauthToken and SetOAuthInputParameters back to back, it won’t set the input params for the token you set.