Here's my log. First, HTTP communication:
connect: (
accounts.google.com, 443)
send: 'POST /o/oauth2/token HTTP/1.1\r\nHost:
accounts.google.com\r\nContent-Length: 574\r\ncontent-type: application/x-www-form-urlencoded\r\naccept-encoding: gzip, deflate\r\nuser-agent:
alert.us/1.0\r\n\r\ngrant_type=assertion&assertion_type=http%3A%2F%2Foauth.net%2Fgrant_type%2Fjwt%2F1.0%2Fbearer&assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI0MjgwNzI5NTgzMTZAZGV2ZWxvcGVyLmdzZXJ2aWNlYWNjb3VudC5jb20iLCJzY29wZSI6Imh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL2F1dGgvYW5kcm9pZHB1Ymxpc2hlciIsImF1ZCI6Imh0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbS9vL29hdXRoMi90b2tlbiIsImV4cCI6MTM0MTA1MjYwMiwiaWF0IjoxMzQxMDQ5MDAyfQ.O1M6Dz6VcTMo8RRsK5b5lloxBO5bMCY6YtlXw8lQGvvuMnjguthkVMoF3KYOjSCwDtxnt-bKP3aqKa-pRQn13N_fbXxR1IBq7fblGwYRpLoYIGiAlaz4K0xURovAr7CeoWRJv7OUUXcqiIPYFH94GiAzijw0uOXNdTtL0UTXqA4'
reply: 'HTTP/1.1 200 OK\r\n'
header: Cache-Control: no-cache, no-store, max-age=0, must-revalidate
header: Pragma: no-cache
header: Expires: Fri, 01 Jan 1990 00:00:00 GMT
header: Date: Sat, 30 Jun 2012 09:36:43 GMT
header: Content-Type: application/json
header: X-Content-Type-Options: nosniff
header: X-Frame-Options: SAMEORIGIN
header: X-XSS-Protection: 1; mode=block
header: Server: GSE
header: Transfer-Encoding: chunked
connect: (
www.googleapis.com, 443)
send: 'GET /discovery/v1/apis/androidpublisher/v1/rest HTTP/1.1\r\nHost:
www.googleapis.com\r\naccept-encoding: gzip, deflate\r\nauthorization: Bearer 1/VZmk3FHwirXiFNYFq0F9yGwYcdy9PGpbRdH6ZHCfdk4\r\nuser-agent:
alert.us/1.0\r\n\r\n'
reply: 'HTTP/1.1 200 OK\r\n'
header: Expires: Sat, 30 Jun 2012 09:41:43 GMT
header: Date: Sat, 30 Jun 2012 09:36:43 GMT
header: Cache-Control: public, max-age=300, must-revalidate, no-transform
header: ETag: "-SrYbbV8v3wJlx0CB1308kPKOHk/32NQpSaRB-jpJJPtwUKhdvwEuJM"
header: Content-Type: application/json; charset=UTF-8
header: X-Content-Type-Options: nosniff
header: X-Frame-Options: SAMEORIGIN
header: X-XSS-Protection: 1; mode=block
header: Server: GSE
header: Transfer-Encoding: chunked
send: u'GET /androidpublisher/v1/applications/us.alert/subscriptions/android_month/purchases/pmbjsblzqysaufucvefzuniy?alt=json HTTP/1.1\r\nHost:
www.googleapis.com\r\ncontent-length: 0\r\naccept: application/json\r\naccept-encoding: gzip, deflate\r\nauthorization: Bearer 1/VZmk3FHwirXiFNYFq0F9yGwYcdy9PGpbRdH6ZHCfdk4\r\nuser-agent:
alert.us/1.0 google-api-python-client/1.0\r\n\r\n'
reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: WWW-Authenticate: AuthSub realm="
https://www.google.com/accounts/AuthSubRequest" allowed-scopes="
https://www.googleapis.com/auth/androidpublisher"
header: Content-Type: application/json; charset=UTF-8
header: Date: Sat, 30 Jun 2012 09:36:44 GMT
header: Expires: Sat, 30 Jun 2012 09:36:44 GMT
header: Cache-Control: private, max-age=0
header: X-Content-Type-Options: nosniff
header: X-Frame-Options: SAMEORIGIN
header: X-XSS-Protection: 1; mode=block
header: Server: GSE
header: Transfer-Encoding: chunked
send: 'POST /o/oauth2/token HTTP/1.1\r\nHost:
accounts.google.com\r\nContent-Length: 574\r\ncontent-type: application/x-www-form-urlencoded\r\naccept-encoding: gzip, deflate\r\nuser-agent:
alert.us/1.0\r\n\r\ngrant_type=assertion&assertion_type=http%3A%2F%2Foauth.net%2Fgrant_type%2Fjwt%2F1.0%2Fbearer&assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI0MjgwNzI5NTgzMTZAZGV2ZWxvcGVyLmdzZXJ2aWNlYWNjb3VudC5jb20iLCJzY29wZSI6Imh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL2F1dGgvYW5kcm9pZHB1Ymxpc2hlciIsImF1ZCI6Imh0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbS9vL29hdXRoMi90b2tlbiIsImV4cCI6MTM0MTA1MjYwNCwiaWF0IjoxMzQxMDQ5MDA0fQ.S6mGyqpRN_Qw4WHrMyG1WyloKn_kKZjoZn5ieH4u9YYMt-N_sgYP3UTQVEXWc3o3Eynce40967tJ9CKjUjkK65whYDqu86WKxJNHQaLqehN6FRbJNJO9rqUQafGve59yOKaiQqIkaEg6pP88qjBKIaqCbrTbjscOtNCHE2DR3oM'
reply: 'HTTP/1.1 200 OK\r\n'
header: Cache-Control: no-cache, no-store, max-age=0, must-revalidate
header: Pragma: no-cache
header: Expires: Fri, 01 Jan 1990 00:00:00 GMT
header: Date: Sat, 30 Jun 2012 09:36:44 GMT
header: Content-Type: application/json
header: X-Content-Type-Options: nosniff
header: X-Frame-Options: SAMEORIGIN
header: X-XSS-Protection: 1; mode=block
header: Server: GSE
header: Transfer-Encoding: chunked
send: u'GET /androidpublisher/v1/applications/us.alert/subscriptions/android_month/purchases/pmbjsblzqysaufucvefzuniy?alt=json HTTP/1.1\r\nHost:
www.googleapis.com\r\ncontent-length: 0\r\naccept: application/json\r\naccept-encoding: gzip, deflate\r\nauthorization: Bearer 1/Kx4Zno7QeZ3uf6sE5eubkN-jQDMfR4bCE_PZB897SzE\r\nuser-agent:
alert.us/1.0 google-api-python-client/1.0\r\n\r\n'
reply: 'HTTP/1.1 401 Unauthorized\r\n'
header: WWW-Authenticate: AuthSub realm="
https://www.google.com/accounts/AuthSubRequest" allowed-scopes="
https://www.googleapis.com/auth/androidpublisher"
header: Content-Type: application/json; charset=UTF-8
header: Date: Sat, 30 Jun 2012 09:36:45 GMT
header: Expires: Sat, 30 Jun 2012 09:36:45 GMT
header: Cache-Control: private, max-age=0
header: X-Content-Type-Options: nosniff
header: X-Frame-Options: SAMEORIGIN
header: X-XSS-Protection: 1; mode=block
header: Server: GSE
header: Transfer-Encoding: chunked
And this is what I get from the apiclient library (my code is very similar to the official example for using service account with tasks API -
http://code.google.com/p/google-api-python-client/source/browse/samples/service_account/tasks.py):
INFO:root:URL being requested:
https://www.googleapis.com/discovery/v1/apis/androidpublisher/v1/restINFO:oauth2client.client:Attempting refresh to obtain initial access_token
DEBUG:root:{'iss': '
XXXXXX...@developer.gserviceaccount.com', 'scope': '
https://www.googleapis.com/auth/androidpublisher', 'aud': '
https://accounts.google.com/o/oauth2/token', 'exp': 1341052602L, 'iat': 1341049002L}
DEBUG:root:['eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9', 'eyJpc3MiOiI0MjgwNzI5NTgzMTZAZGV2ZWxvcGVyLmdzZXJ2aWNlYWNjb3VudC5jb20iLCJzY29wZSI6Imh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL2F1dGgvYW5kcm9pZHB1Ymxpc2hlciIsImF1ZCI6Imh0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbS9vL29hdXRoMi90b2tlbiIsImV4cCI6MTM0MTA1MjYwMiwiaWF0IjoxMzQxMDQ5MDAyfQ', 'O1M6Dz6VcTMo8RRsK5b5lloxBO5bMCY6YtlXw8lQGvvuMnjguthkVMoF3KYOjSCwDtxnt-bKP3aqKa-pRQn13N_fbXxR1IBq7fblGwYRpLoYIGiAlaz4K0xURovAr7CeoWRJv7OUUXcqiIPYFH94GiAzijw0uOXNdTtL0UTXqA4']
INFO:oauth2client.client:Refresing access_token
INFO:root:URL being requested:
https://www.googleapis.com/androidpublisher/v1/applications/us.alert/subscriptions/android_month/purchases/pmbjsblzqysaufucvefzuniy?alt=jsonINFO:oauth2client.client:Refreshing due to a 401
DEBUG:root:{'iss': '
XXXXXX...@developer.gserviceaccount.com', 'scope': '
https://www.googleapis.com/auth/androidpublisher', 'aud': '
https://accounts.google.com/o/oauth2/token', 'exp': 1341052604L, 'iat': 1341049004L}
DEBUG:root:['eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9', 'eyJpc3MiOiI0MjgwNzI5NTgzMTZAZGV2ZWxvcGVyLmdzZXJ2aWNlYWNjb3VudC5jb20iLCJzY29wZSI6Imh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL2F1dGgvYW5kcm9pZHB1Ymxpc2hlciIsImF1ZCI6Imh0dHBzOi8vYWNjb3VudHMuZ29vZ2xlLmNvbS9vL29hdXRoMi90b2tlbiIsImV4cCI6MTM0MTA1MjYwNCwiaWF0IjoxMzQxMDQ5MDA0fQ', 'S6mGyqpRN_Qw4WHrMyG1WyloKn_kKZjoZn5ieH4u9YYMt-N_sgYP3UTQVEXWc3o3Eynce40967tJ9CKjUjkK65whYDqu86WKxJNHQaLqehN6FRbJNJO9rqUQafGve59yOKaiQqIkaEg6pP88qjBKIaqCbrTbjscOtNCHE2DR3oM']
INFO:oauth2client.client:Refresing access_token
Traceback (most recent call last):
File "a.py", line 88, in <module>
validation_request.execute()
File "/Users/mc/.virtualenvs/alertus-api-server/lib/python2.7/site-packages/apiclient/http.py", line 389, in execute
raise HttpError(resp, content, self.uri)
apiclient.errors.HttpError: <HttpError 401 when requesting
https://www.googleapis.com/androidpublisher/v1/applications/us.alert/subscriptions/android_month/purchases/pmbjsblzqysaufucvefzuniy?alt=json returned "This developer account does not own the application.">