401 am I missing something
243 views
Skip to first unread message
atm
Oct 14, 2010, 10:09:55 AM10/14/10
to android-c2dm
I am not sure if I am getting this quite right, my steps are as
follows.
I use android account manager to get an auth token, for the google
account on the phone and authTokenType "ah"
I run the "com.google.android.c2dm.intent.REGISTER" service to
register the app, (using an approved sender email address)
The register service returns with a register_id.
I log into my server application on the GAE logging in using the auth
token.
I send the register_id and the auth token to the server application?
The server application should then be able to make calls to c2dm
service using the register_id and auth token in the post request as
described in http://code.google.com/android/c2dm/index.html.
Any calls the server application makes get returned with a 401.
Thanks
Alex.
follows.
I use android account manager to get an auth token, for the google
account on the phone and authTokenType "ah"
I run the "com.google.android.c2dm.intent.REGISTER" service to
register the app, (using an approved sender email address)
The register service returns with a register_id.
I log into my server application on the GAE logging in using the auth
token.
I send the register_id and the auth token to the server application?
The server application should then be able to make calls to c2dm
service using the register_id and auth token in the post request as
described in http://code.google.com/android/c2dm/index.html.
Any calls the server application makes get returned with a 401.
Thanks
Alex.
atm
Oct 14, 2010, 12:29:55 PM10/14/10
to android-c2dm
I think my misunderstanding is todo with the ClientLogin which the 3rd
party server sends to the c2dm service.
Is the ClientLogin cookie something that needs to be set for each app
user? Or is it set once by the developer of the 3rd party server so
that is works for all users of his app (and the end user does not know
anything about it).
Alex
On Oct 14, 3:09 pm, atm <atmoo...@gmail.com> wrote:
> I am not sure if I am getting this quite right, my steps are as
> follows.
>
> I use android account manager to get an auth token, for the google
> account on the phone and authTokenType "ah"
> I run the "com.google.android.c2dm.intent.REGISTER" service to
> register the app, (using an approved sender email address)
> The register service returns with a register_id.
>
> I log into my server application on the GAE logging in using the auth
> token.
> I send the register_id and the auth token to the server application?
>
> The server application should then be able to make calls to c2dm
> service using the register_id and auth token in the post request as
> described inhttp://code.google.com/android/c2dm/index.html.
party server sends to the c2dm service.
Is the ClientLogin cookie something that needs to be set for each app
user? Or is it set once by the developer of the 3rd party server so
that is works for all users of his app (and the end user does not know
anything about it).
Alex
On Oct 14, 3:09 pm, atm <atmoo...@gmail.com> wrote:
> I am not sure if I am getting this quite right, my steps are as
> follows.
>
> I use android account manager to get an auth token, for the google
> account on the phone and authTokenType "ah"
> I run the "com.google.android.c2dm.intent.REGISTER" service to
> register the app, (using an approved sender email address)
> The register service returns with a register_id.
>
> I log into my server application on the GAE logging in using the auth
> token.
> I send the register_id and the auth token to the server application?
>
> The server application should then be able to make calls to c2dm
> service using the register_id and auth token in the post request as
atm
Oct 14, 2010, 1:38:08 PM10/14/10
to android-c2dm
ah fixed it thanks.
Nachiket
Oct 19, 2010, 12:45:12 AM10/19/10
to android-c2dm
Hi Alex, Can you share how you fixed it? Stuck on same problem..
When I send request to c2dm endpoint, I am putting
conn.setRequestProperty("Authorization", "GoogleLogin auth=" +
authToken);
WHERE, authToken is token which was returned from ClientLogin API in
"Auth" param.
Any idea or hint will help alot.
Thanks
Nachiket
-
When I send request to c2dm endpoint, I am putting
conn.setRequestProperty("Authorization", "GoogleLogin auth=" +
authToken);
WHERE, authToken is token which was returned from ClientLogin API in
"Auth" param.
Any idea or hint will help alot.
Thanks
Nachiket
-
Gary
Oct 19, 2010, 10:27:44 AM10/19/10
to android-c2dm
Just a thought (I'm new to C2DM myself), but make sure you're sending
the authToken that belongs to the account that was originally
registered with the C2DM service. From what Alex said, he/she was
sending an authToken that belonged to the Google account on the device
itself, which won't work...hence the unauthorized response. It's the
3rd party server that needs the permission to send the message, not
the individual device application user.
Hopefully that helps, and my first post to this group hasn't been one
that makes a complete fool of myself. :-)
Thanks,
Gary
> > > > Alex.- Hide quoted text -
>
> - Show quoted text -
the authToken that belongs to the account that was originally
registered with the C2DM service. From what Alex said, he/she was
sending an authToken that belonged to the Google account on the device
itself, which won't work...hence the unauthorized response. It's the
3rd party server that needs the permission to send the message, not
the individual device application user.
Hopefully that helps, and my first post to this group hasn't been one
that makes a complete fool of myself. :-)
Thanks,
Gary
>
> - Show quoted text -
Mike
Oct 20, 2010, 10:54:14 AM10/20/10
to android-c2dm
Gary is correct. I don't have access to my code at the moment but
that's the idea. It can be a bit confusing when you get started and
I've seen posts similar to this one, so maybe this will help a bit. I
do have a working solution (not yet public) that I've had running for
a couple of months now and it hasn't failed.
[Role Account]
*The Role account is the account you signed up with. This should be
something special that you use for this service. I would even login to
gmail once with it just to be sure everything's set before registering
with c2dm.
*Register your role account with C2DM (You've probably already done
this)
*Obtain the auth token (I used curl but the documentation outlines
other methods) for the role account. You will use this when sending
messages to the device using the role account. (role account + auth
token + registered device id + message)
[Application that you use to send the message to the device]
*The application sending the message (typically web app but really
could be anything) uses the role account to send a message to a device
and includes the auth token and the registered device id.
**The application sending the message should securely store the auth
token.
**The application sending the message should handle updates to the
auth token from Google in the response header when calling the c2dm
server. In theory, you can seed an auth token in your application
somehow (database, secure file, etc...) and your application updates
it when Google tells you to. This shouldn't require future
intervention.
[Device receiving message]
*Device registers with C2DM - Sends ROLE account. This is your role
account username that you're using for sending messages from the
server. You're basically telling Google... This device would like
messages from c2dmrol...@gmail.com for this application; give me
an ID.
*Google returns a registered device ID (lfu98342u943248f3) and you
somehow send that to YOUR server [application sending the message].
Your server stores that so it knows how to get in contact with the
device. Every device should have a different ID.
Please don't use your role id as Google account on the phone. I
believe there's a bug related to this but I would consider it a poor
practice either way. If something happens to that account, you'll have
a headache on your hands down the road. Please create a new account
just for this and protect it... they're free after all.
Hope this helps.
-Mike
that's the idea. It can be a bit confusing when you get started and
I've seen posts similar to this one, so maybe this will help a bit. I
do have a working solution (not yet public) that I've had running for
a couple of months now and it hasn't failed.
[Role Account]
*The Role account is the account you signed up with. This should be
something special that you use for this service. I would even login to
gmail once with it just to be sure everything's set before registering
with c2dm.
*Register your role account with C2DM (You've probably already done
this)
*Obtain the auth token (I used curl but the documentation outlines
other methods) for the role account. You will use this when sending
messages to the device using the role account. (role account + auth
token + registered device id + message)
[Application that you use to send the message to the device]
*The application sending the message (typically web app but really
could be anything) uses the role account to send a message to a device
and includes the auth token and the registered device id.
**The application sending the message should securely store the auth
token.
**The application sending the message should handle updates to the
auth token from Google in the response header when calling the c2dm
server. In theory, you can seed an auth token in your application
somehow (database, secure file, etc...) and your application updates
it when Google tells you to. This shouldn't require future
intervention.
[Device receiving message]
*Device registers with C2DM - Sends ROLE account. This is your role
account username that you're using for sending messages from the
server. You're basically telling Google... This device would like
messages from c2dmrol...@gmail.com for this application; give me
an ID.
*Google returns a registered device ID (lfu98342u943248f3) and you
somehow send that to YOUR server [application sending the message].
Your server stores that so it knows how to get in contact with the
device. Every device should have a different ID.
Please don't use your role id as Google account on the phone. I
believe there's a bug related to this but I would consider it a poor
practice either way. If something happens to that account, you'll have
a headache on your hands down the road. Please create a new account
just for this and protect it... they're free after all.
Hope this helps.
-Mike
Reply all
Reply to author
Forward
0 new messages