I have a GAE application with an endpoint that requires authentication,
which I need to call from an application (rather than from in a browser). I
was using ClientLogin, but that is now obsolete, so I have set up a Service
Account in the Google Console, and stored its keypair .p12 file so that I
can use the OAuth methods as described in the documentation.
Although the GoogleCredential builder successfully returns an authorization
token, if I then use that token in an HTTP get call to the endpoint, the
response is always the Google Login page.
Why, if I use the token, does GAE not take my application call as
authorized? Am I doing this all wrong or missing a step?
Here is the code:
String emailAddress = "xxxxx...@developer.gserviceaccount.com";
JsonFactory JSON_FACTORY = JacksonFactory.getDefaultInstance();
String emailScope = "https://www.googleapis.com/auth/userinfo.email";;
String keyFileName = "YYYYY.p12";
String baseURL = "http://ZZZZZ.appspot.com";;
HttpTransport httpTransport;
try {
httpTransport = GoogleNetHttpTransport.newTrustedTransport();
File keyFile = new File(keyFileName);
if(!keyFile.exists()) {
System.err.println("Key file "+keyFileName+" missing");
System.exit(0);
}
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId(emailAddress)
.setServiceAccountScopes(Collections.singleton(emailScope))
.setServiceAccountPrivateKeyFromP12File(keyFile)
.build();
boolean success = credential.refreshToken();
System.out.println("Access token refresh "+ success);
String token = credential.getAccessToken();
System.out.println("Token "+token);
String uri = "http://ZZZZZ.appspot.com/gcm/home";;
System.out.println("uri: " + uri);
HttpGet get = new HttpGet(uri);
get.setHeader("Cookie", token);
HttpClient client = new DefaultHttpClient();
HttpResponse response = client.execute(get);
response.getEntity().writeTo(System.out);
Typical output:
Access token refresh true
Token ya29.xQGG1kxxxxxxxxxxxxxxxxxxx
uri: http://ZZZZZ.appspot.com/gcm/home
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta content="width=300, initial-scale=1" name="viewport">
<meta name="google-site-verification"
content="LrdTUW9psUAMbh4Ia074-BPEVmcpBxF6Gwf0MSgQXZs">
<title>Sign in - Google Accounts</title>
.....
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to google-appengine+unsubscr...@googlegroups.com.
To post to this group, send email to google-appengine@googlegroups.com.
Visit this group at http://groups.google.com/group/google-appengine.
To view this discussion on the web visit
https://groups.google.com/d/msgid/google-appengine/547a76b0-45b3-4c74-995a-b4c98d97160d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
