shindig-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dan Hoffman <...@cranestylelabs.com>
Subject Re: OAuth2 and Google Service Account
Date Thu, 21 May 2015 15:17:33 GMT
Hi Doug,

Thanks for your response. I made the changes you suggested, but got the
same error.

Thanks,
Dan

On Thu, May 21, 2015 at 7:20 AM, Davies,Douglas <daviesd@oclc.org> wrote:

> Try usesAuthorizationHeader = false and usesUrlParameter = true.
>
> doug
>
>
> On May 20, 2015, at 6:58 PM, Dan Hoffman <dan@cranestylelabs.com> wrote:
>
> > Hello!
> >
> > I'm trying to create a gadget that will show data from my Google
> Analytics
> > account. Since I own the data, not the user, it doesn't make sense to ask
> > the user for permission. I created a Service Account (which lets me make
> > requests as my app instead of as a user) and am trying to implement a
> > client_credentials flow.
> >
> > I'm running shindig 2.5.2.
> >
> > When I set up the service account, I got a client ID, client email
> address,
> > and a JSON key file. I could also get a P12 key if that makes a
> difference.
> >
> > My goal is to have shindig handle the OAuth2 stuff and let my gadget grab
> > analytics data from my account without having to ask for any credentials.
> > Is this even possible? If so, how do I set it up? Are my oauth2,json
> > settings incorrect? I assume I'm supposed to put the key file somewhere
> > where shindig can access it, but I don't know where, or how to tell
> shindig
> > where to find it.
> >
> > With my current settings, I get an authentication_problem error with the
> > explanation "The authentication headers could not be added to the
> request".
> >
> > I've been banging my head against this for days, so any help you could
> > provide would be much appreciated!
> >
> > Thanks,
> > Dan
> >
> > Here are the relevant pieces of my oauth2.json file:
> >
> > {
> >   "gadgetBindings" : {
> >      "http://localhost:8080/opensocial-apps/PersonalStats.xml" : {
> >         "googleAPI" : {
> >            "clientName"          : "googleApi_personalStats",
> >            "allowModuleOverride" : "true"
> >         }
> >      }
> >   },
> >   "clients" : {
> >      "googleApi_personalStats" : {
> >         "providerName"  : "googleAPI",
> >         "type"          : "confidential",
> >         "grant_type"    : "client_credentials",
> >         "client_id"     : "MY_CLIENT_ID",
> >         "client_secret" : "I_DO_NOT_HAVE_ONE"
> >      }
> >   },
> >   "providers" : {
> >      "googleAPI" : {
> >        "client_authentication" : "STANDARD",
> >        "usesAuthorizationHeader" : "true",
> >        "usesUrlParameter" : "true",
> >        "endpoints" : {
> >            "authorizationUrl"  : "
> https://accounts.google.com/o/oauth2/auth
> > ",
> >            "tokenUrl"          : "
> > https://accounts.google.com/o/oauth2/token"
> >        }
> >      }
> >   }
> > }
> >
> > The JSON key file that looks like this:
> >
> > {
> >  "private_key_id": "KEY_ID_STRING",
> >  "private_key": "-----BEGIN PRIVATE KEY-----\nSOME_BIG_LONG_KEY\n-----END
> > PRIVATE KEY-----\n",
> >  "client_email": "CLIENT_ID_STRING@developer.gserviceaccount.com",
> >  "client_id": "CLIENT_ID_STRING.apps.googleusercontent.com",
> >  "type": "service_account"
> > }
> >
> > And here's the full error:
> >
> > *code:*authentication_problem
> > *uri:*
> > *description:*org.apache.shindig.gadgets.oauth2.OAuth2Request encountered
> > an error : The client authentication is being added : can't handle error
> > response code 400 , ,
> > *explanation:*The authentication headers could not be added to the
> request.
> > *trace:*
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message