Unable to fetch domain users using Google provisioning Api with Two leg Oauth.
128 views
Skip to first unread message
Saurab Parakh
Dec 16, 2011, 4:07:55 AM12/16/11
to google-app...@googlegroups.com
I have a gae application at google marketplace.
Where i need to get the domain users with the help to cosumer ke and secret.
Here is my code.
com.google.gdata.client.appsforyourdomain.UserService guserService = new com.google.gdata.client.appsforyourdomain.UserService(
"test");
String consumerKey = appProperties.getConsumerKey();
String consumerSecret = appProperties.getConsumerKeySecret();
String urlEscopo = "https://apps-apis.google.com/a/feeds/user/#readonly";
GoogleOAuthParameters oauthParameters = new GoogleOAuthParameters();
oauthParameters.setOAuthConsumerKey(consumerKey);
oauthParameters.setOAuthConsumerSecret(consumerSecret);
oauthParameters.setOAuthType(OAuthType.TWO_LEGGED_OAUTH);
oauthParameters.setScope(urlEscopo);
try {
guserService.setOAuthCredentials(oauthParameters,
new OAuthHmacSha1Signer());
guserService.setReadTimeout(20000);
guserService.setConnectTimeout(20000);
} catch (OAuthException e) {
e.printStackTrace();
throw new ServletException("Unable to initialize service",
e);
}
final String APPS_FEEDS_URL_BASE =
"https://apps-apis.google.com/a/feeds/";
final String SERVICE_VERSION = "2.0";
String domainUrlBase = APPS_FEEDS_URL_BASE + CommonWebUtil.getDomain(getCurrentUser(
request).getEmail()) + "/";
URL retrieveUrl = new URL(domainUrlBase + "user/" + SERVICE_VERSION);
UserFeed genericFeed = new UserFeed();
Link nextLink = null;
do {
try {
System.out.println("retrieveUrl"+retrieveUrl);
genericFeed = guserService.getFeed(retrieveUrl, UserFeed.class);
genericFeed.getEntries().addAll(genericFeed.getEntries());
nextLink = genericFeed.getLink(Link.Rel.NEXT, Link.Type.ATOM);
if (nextLink != null) {
retrieveUrl = new URL(nextLink.getHref());
}
} catch (AppsForYourDomainException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (ServiceException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} while (nextLink != null);
if (genericFeed != null && genericFeed.getEntries() != null && !genericFeed.getEntries().isEmpty()) {
for (UserEntry genericEntry : genericFeed.getEntries()) {
System.out.println(genericEntry.getLogin().getUserName());
// appUsers.add(appUser);
}
}
And the eror I am getting is as follows:
WARNING: Unable to respond to any of these challenges: {googlelogin=GoogleLogin realm="http://www.google.com/accounts/ClientLogin", service="apps"}
com.google.gdata.util.AuthenticationException: OK
<HTML>
<HEAD>
<TITLE>Unknown authorization header</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Unknown authorization header</H1>
<H2>Error 401</H2>
</BODY>
</HTML>
at com.google.gdata.client.http.HttpGDataRequest.handleErrorResponse(HttpGDataRequest.java:596)
at com.google.gdata.client.http.GoogleGDataRequest.handleErrorResponse(GoogleGDataRequest.java:563)
at com.google.gdata.client.http.HttpGDataRequest.checkResponse(HttpGDataRequest.java:550)
at com.google.gdata.client.http.HttpGDataRequest.execute(HttpGDataRequest.java:530)
at com.google.gdata.client.http.GoogleGDataRequest.execute(GoogleGDataRequest.java:535)
at com.google.gdata.client.Service.getFeed(Service.java:1135)
at com.google.gdata.client.Service.getFeed(Service.java:998)
at com.google.gdata.client.GoogleService.getFeed(GoogleService.java:631)
at com.google.gdata.client.Service.getFeed(Service.java:1017)
at com.google.gdata.client.appsforyourdomain.AppsForYourDomainService.getFeed(AppsForYourDomainService.java:137)
at com.netkiller.web.sharedcontacts.SharedContactsController.handleRequest(SharedContactsController.java:243)
at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:560)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:58)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:938)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
And when i added "?xoauth_requestor_id=a...@xyx.com" to my feed url It gave and error with message "invalid Authsub scope".
I wasted more than a day solving the problem. Please help me fixing this issue.
Regards,
Saurab parakh
Where i need to get the domain users with the help to cosumer ke and secret.
Here is my code.
com.google.gdata.client.appsforyourdomain.UserService guserService = new com.google.gdata.client.appsforyourdomain.UserService(
"test");
String consumerKey = appProperties.getConsumerKey();
String consumerSecret = appProperties.getConsumerKeySecret();
String urlEscopo = "https://apps-apis.google.com/a/feeds/user/#readonly";
GoogleOAuthParameters oauthParameters = new GoogleOAuthParameters();
oauthParameters.setOAuthConsumerKey(consumerKey);
oauthParameters.setOAuthConsumerSecret(consumerSecret);
oauthParameters.setOAuthType(OAuthType.TWO_LEGGED_OAUTH);
oauthParameters.setScope(urlEscopo);
try {
guserService.setOAuthCredentials(oauthParameters,
new OAuthHmacSha1Signer());
guserService.setReadTimeout(20000);
guserService.setConnectTimeout(20000);
} catch (OAuthException e) {
e.printStackTrace();
throw new ServletException("Unable to initialize service",
e);
}
final String APPS_FEEDS_URL_BASE =
"https://apps-apis.google.com/a/feeds/";
final String SERVICE_VERSION = "2.0";
String domainUrlBase = APPS_FEEDS_URL_BASE + CommonWebUtil.getDomain(getCurrentUser(
request).getEmail()) + "/";
URL retrieveUrl = new URL(domainUrlBase + "user/" + SERVICE_VERSION);
UserFeed genericFeed = new UserFeed();
Link nextLink = null;
do {
try {
System.out.println("retrieveUrl"+retrieveUrl);
genericFeed = guserService.getFeed(retrieveUrl, UserFeed.class);
genericFeed.getEntries().addAll(genericFeed.getEntries());
nextLink = genericFeed.getLink(Link.Rel.NEXT, Link.Type.ATOM);
if (nextLink != null) {
retrieveUrl = new URL(nextLink.getHref());
}
} catch (AppsForYourDomainException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (ServiceException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} while (nextLink != null);
if (genericFeed != null && genericFeed.getEntries() != null && !genericFeed.getEntries().isEmpty()) {
for (UserEntry genericEntry : genericFeed.getEntries()) {
System.out.println(genericEntry.getLogin().getUserName());
// appUsers.add(appUser);
}
}
And the eror I am getting is as follows:
WARNING: Unable to respond to any of these challenges: {googlelogin=GoogleLogin realm="http://www.google.com/accounts/ClientLogin", service="apps"}
com.google.gdata.util.AuthenticationException: OK
<HTML>
<HEAD>
<TITLE>Unknown authorization header</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Unknown authorization header</H1>
<H2>Error 401</H2>
</BODY>
</HTML>
at com.google.gdata.client.http.HttpGDataRequest.handleErrorResponse(HttpGDataRequest.java:596)
at com.google.gdata.client.http.GoogleGDataRequest.handleErrorResponse(GoogleGDataRequest.java:563)
at com.google.gdata.client.http.HttpGDataRequest.checkResponse(HttpGDataRequest.java:550)
at com.google.gdata.client.http.HttpGDataRequest.execute(HttpGDataRequest.java:530)
at com.google.gdata.client.http.GoogleGDataRequest.execute(GoogleGDataRequest.java:535)
at com.google.gdata.client.Service.getFeed(Service.java:1135)
at com.google.gdata.client.Service.getFeed(Service.java:998)
at com.google.gdata.client.GoogleService.getFeed(GoogleService.java:631)
at com.google.gdata.client.Service.getFeed(Service.java:1017)
at com.google.gdata.client.appsforyourdomain.AppsForYourDomainService.getFeed(AppsForYourDomainService.java:137)
at com.netkiller.web.sharedcontacts.SharedContactsController.handleRequest(SharedContactsController.java:243)
at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:560)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:58)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:938)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:755)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
And when i added "?xoauth_requestor_id=a...@xyx.com" to my feed url It gave and error with message "invalid Authsub scope".
I wasted more than a day solving the problem. Please help me fixing this issue.
Regards,
Saurab parakh
Gunjan Sharma
Dec 19, 2011, 12:11:12 AM12/19/11
to google-app...@googlegroups.com
Hello Saurabh
Your code works perfectly fine for me. Can you make sure that you are passing Consumer_key and secret corresponding to your domain itself and nothing else?
Thanks
Gunjan Sharma
Gunjan Sharma
Dec 19, 2011, 7:17:21 AM12/19/11
to google-app...@googlegroups.com
Hello Saurabh
You also have to explicitly authorize "https://apps-apis.google.com/a/feeds/user/#readonly" scope for the domain. To learn how to to do so see this doc.
Thanks
Gunjan Sharma
Saurab Parakh
Dec 19, 2011, 8:19:28 AM12/19/11
to google-app...@googlegroups.com
Thank you Gunjan. You are absolutely correct. I just got rid of this issue.
But I have stuck facing another issue now.
Since I want this to be done for a marketplace application and I have added the scope to my manifest file. But still other domains' admin doesnot get any notification about granting access to this scope. Do I explicitly need do do something so that domains' admin can grant access to the user provisioning api scope?
As per my knowledge the domain admin must automatically get some notification about this whenever they login to the domain's control panel.
Anyways,
Thanks again Gunjan for your support.
Thanks and regards,
Saurab Parak
But I have stuck facing another issue now.
Since I want this to be done for a marketplace application and I have added the scope to my manifest file. But still other domains' admin doesnot get any notification about granting access to this scope. Do I explicitly need do do something so that domains' admin can grant access to the user provisioning api scope?
As per my knowledge the domain admin must automatically get some notification about this whenever they login to the domain's control panel.
Anyways,
Thanks again Gunjan for your support.
Thanks and regards,
Saurab Parak
Gunjan Sharma
Dec 19, 2011, 8:38:19 AM12/19/11
to google-app...@googlegroups.com
Hello Saurab
I am not sure if I got your question right but here is my answer to what I understood of your question.
Your application can catch the 401 and tell the user to check with there domain admin's if they have explicitly allowed access to the readonly user provisioning scope.
Thanks
Thanks
| Gunjan Sharma | | Developer Programs Engineer | | gunjan...@google.com | | +91 7702534446 |
To view this discussion on the web visit https://groups.google.com/d/msg/google-apps-mgmt-apis/-/8ZCJxN9vOFQJ.
--
You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group.
To post to this group, send email to google-app...@googlegroups.com.
To unsubscribe from this group, send email to google-apps-mgmt...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
Saurab Parakh
Dec 19, 2011, 8:52:56 AM12/19/11
to google-app...@googlegroups.com
Yes Gunjan, that can be a solution. But there should be something that must be handling this case automatically. Since this is a common issue. any any update in the application api scope leads to this. So there must be a better and simple way so that non technical admin can grant access on the click of a button rather than doing it explicitly,
Thanks and regards,
Saurab Parakh
Thanks and regards,
Saurab Parakh
Reply all
Reply to author
Forward
0 new messages