Try usesAuthorizationHeader = false and usesUrlParameter = true.
doug
On May 20, 2015, at 6:58 PM, Dan Hoffman <dan@cranestylelabs.com> wrote:
> Hello!
>
> I'm trying to create a gadget that will show data from my Google Analytics
> account. Since I own the data, not the user, it doesn't make sense to ask
> the user for permission. I created a Service Account (which lets me make
> requests as my app instead of as a user) and am trying to implement a
> client_credentials flow.
>
> I'm running shindig 2.5.2.
>
> When I set up the service account, I got a client ID, client email address,
> and a JSON key file. I could also get a P12 key if that makes a difference.
>
> My goal is to have shindig handle the OAuth2 stuff and let my gadget grab
> analytics data from my account without having to ask for any credentials.
> Is this even possible? If so, how do I set it up? Are my oauth2,json
> settings incorrect? I assume I'm supposed to put the key file somewhere
> where shindig can access it, but I don't know where, or how to tell shindig
> where to find it.
>
> With my current settings, I get an authentication_problem error with the
> explanation "The authentication headers could not be added to the request".
>
> I've been banging my head against this for days, so any help you could
> provide would be much appreciated!
>
> Thanks,
> Dan
>
> Here are the relevant pieces of my oauth2.json file:
>
> {
> "gadgetBindings" : {
> "http://localhost:8080/opensocial-apps/PersonalStats.xml" : {
> "googleAPI" : {
> "clientName" : "googleApi_personalStats",
> "allowModuleOverride" : "true"
> }
> }
> },
> "clients" : {
> "googleApi_personalStats" : {
> "providerName" : "googleAPI",
> "type" : "confidential",
> "grant_type" : "client_credentials",
> "client_id" : "MY_CLIENT_ID",
> "client_secret" : "I_DO_NOT_HAVE_ONE"
> }
> },
> "providers" : {
> "googleAPI" : {
> "client_authentication" : "STANDARD",
> "usesAuthorizationHeader" : "true",
> "usesUrlParameter" : "true",
> "endpoints" : {
> "authorizationUrl" : "https://accounts.google.com/o/oauth2/auth
> ",
> "tokenUrl" : "
> https://accounts.google.com/o/oauth2/token"
> }
> }
> }
> }
>
> The JSON key file that looks like this:
>
> {
> "private_key_id": "KEY_ID_STRING",
> "private_key": "-----BEGIN PRIVATE KEY-----\nSOME_BIG_LONG_KEY\n-----END
> PRIVATE KEY-----\n",
> "client_email": "CLIENT_ID_STRING@developer.gserviceaccount.com",
> "client_id": "CLIENT_ID_STRING.apps.googleusercontent.com",
> "type": "service_account"
> }
>
> And here's the full error:
>
> *code:*authentication_problem
> *uri:*
> *description:*org.apache.shindig.gadgets.oauth2.OAuth2Request encountered
> an error : The client authentication is being added : can't handle error
> response code 400 , ,
> *explanation:*The authentication headers could not be added to the request.
> *trace:*
|