Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using Auth with Endpoints

Tags:

java

google-app-engine

google-cloud-endpoints

I defined a simple API using Google Cloud Endpoints:

@Api(name = "realestate", version = "v1", clientIds = { com.google.api.server.spi.Constant.API_EXPLORER_CLIENT_ID }, scopes = {
        "https://www.googleapis.com/auth/userinfo.email",
        "https://www.googleapis.com/auth/userinfo.profile" })
public class RealEstatePropertyV1 {

    @ApiMethod(name = "create", path = "properties", httpMethod = HttpMethod.POST)
    public void create(RealEstateProperty property, User user)
            throws UnauthorizedException {
        if (user == null) {
            throw new UnauthorizedException("Must log in");
        }
        System.out.println(user.getEmail());
    }

}

Then I try to test it using the API explorer. I activated OAuth 2.0. But when I execute the request, the User object is null.

Jun 23, 2013 10:21:50 AM com.google.appengine.tools.development.DevAppServerImpl start
INFO: Dev App Server is now running
Jun 23, 2013 10:22:42 AM com.google.api.server.spi.SystemServiceServlet init
INFO: SPI restricted: true
Jun 23, 2013 10:22:43 AM com.google.api.server.spi.WebApisUserService getCurrentUser
WARNING: getCurrentUser: clientId  not allowed
Jun 23, 2013 10:22:43 AM com.google.api.server.spi.SystemService invokeServiceMethod
INFO: cause={0}
com.google.api.server.spi.response.UnauthorizedException: Must log in
    at com.realestate.api.v1.RealEstatePropertyV1.create(RealEstatePropertyV1.java:44)
like image 774
Sydney Avatar asked Nov 03 '22 19:11

Sydney

1 Answers

The message getCurrentUser: clientId not allowed indicates that the client ID associated with the token is the empty string. This doesn't seem possible and may be a strange bug/quirk.

You should check the token sent in the request, it will be in the Request section in something like

GET https://www.googleapis.com/oauth2/v2/userinfo?key={YOUR_API_KEY}

Authorization:  Bearer ya29....
X-JavaScript-User-Agent:  Google APIs Explorer

and your token is the one that starts with ya29.. You should make sure the token info checks out by sending it into the tokeninfo API:

https://developers.google.com/apis-explorer/#p/oauth2/v2/oauth2.tokeninfo
like image 99
bossylobster Avatar answered Nov 15 '22 08:11

bossylobster
Sign in to Comment

Related questions

How to display eclipse project type
onNewIntent is not called in JellyBean
Easy way to share profile configuration among profiles in Maven?
Efficiently looking up array element based on x/y coordinates
Protobuf c# to java deserializing multiple messages
Displaying various objects' instance variables in a JTable and modifying them
How to call a javascript cookie in servlet?
How to Disable Spring Security Filters
Hibernate and MS SQL Server Identity column
Why does Spring's <jdbc:embedded-database> throw a SQLSyntaxErrorException?
Prefixing variables names to indicate their respective scope or origin?
Running Java process as Service in Linux
Specific locations and menu items for each bundled card
In Eclipse, how can I export a package and all sub-packages as a jar?
Effeciently transfer large amount of byte data from C++ to Java
Handling large search queries on relatively small index documents in Lucene
Using scala and java in play framework 2.1 : Session usage
How to model a tree with Hibernate?
MyBatis Batch Insert/Update For Oracle
Retrofit: Unable to create @Body converter for class

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!