Connection refused with proxy obtaining access token

2,979 views
Skip to first unread message

christophe...@thomsonreuters.com

unread,
Sep 30, 2016, 2:22:47 PM9/30/16
to AdWords API Forum

Okay, I'm stuck authenticating to the Google API and looking for ideas.  I have tried so many suggestions from the web but none seem to get me past the connection issue.

I am waiting to talk to a Linux admin to see if the proxy is blocking outbound requests to Google, but I thought I would post a question here to maybe learn something else I'm missing.

Thanks for any advice.

 

If I created the following cURL command correctly, the following is what happens when I run it from the Linux command line.

Note: I did also add "-x http://webproxy.h.corp.services:80" to the cURL to explicitly set  the proxy

The parameters are the same as I use in a Java test HTTP post that works just fine on my local workstation (see below) so the “Required parameter….” error I believe is misleading.

 

curl -v -k -x http://webproxy.h.corp.services:80 --header "Content-Type: application/x-www-form-urlencoded" \

> -F 'grant_type=refresh_token' \

> -F 'refresh_token=1/hDGjsPYJd0WQbFlX******************' \

> -F 'client_id=628259514038-********************.apps.googleusercontent.com' \

> -F 'client_secret=*****************' \

> https://accounts.google.com/o/oauth2/token

 

* About to connect() to proxy webproxy.h.corp.services port 80 (#0)

*   Trying 163.231.26.134... connected

* Connected to webproxy.h.corp.services (163.231.26.134) port 80 (#0)

* Establish HTTP proxy tunnel to accounts.google.com:443

> CONNECT accounts.google.com:443 HTTP/1.1

> Host: accounts.google.com:443

> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2

> Proxy-Connection: Keep-Alive

> 

< HTTP/1.0 200 Connection established

< 

* Proxy replied OK to CONNECT request

* Initializing NSS with certpath: sql:/etc/pki/nssdb

* warning: ignoring value of ssl.verifyhost

* skipping SSL peer certificate verification

* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

* Server certificate:

*       subject: CN=accounts.google.com,O=Google Inc,L=Mountain View,ST=California,C=US

*       start date: Sep 14 08:44:36 2016 GMT

*       expire date: Dec 07 08:19:00 2016 GMT

*       common name: accounts.google.com

*       issuer: CN=Google Internet Authority G2,O=Google Inc,C=US

> POST /o/oauth2/token HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2

> Host: accounts.google.com

> Accept: */*

> Content-Length: 601

> Expect: 100-continue

> Content-Type: application/x-www-form-urlencoded; boundary=----------------------------8c681bcd32df

> 

* Done waiting for 100-continue

< HTTP/1.1 400 Bad Request

< Content-Type: application/json; charset=utf-8

< Cache-Control: no-cache, no-store, max-age=0, must-revalidate

< Pragma: no-cache

< Expires: Mon, 01 Jan 1990 00:00:00 GMT

< Date: Fri, 30 Sep 2016 13:05:52 GMT

< X-Content-Type-Options: nosniff

< X-Frame-Options: SAMEORIGIN

< X-XSS-Protection: 1; mode=block

< Server: GSE

< Alt-Svc: quic=":443"; ma=2592000; v="36,35,34,33,32"

< Accept-Ranges: none

< Vary: Accept-Encoding

< Transfer-Encoding: chunked

< 

{

  "error" : "invalid_request",

  "error_description" : "Required parameter is missing: grant_type"

* Connection #0 to host webproxy.h.corp.services left intact

* Closing connection #0

}

 

When I run the test Java code on my workstation I successfully obtain the required authentication token back from Google.

 

This is the code snippet that is throwing the exception.

HttpResponse httpResponse = httpclient.execute(httppost);

 

When this code executes on Linux box I receive the following exception after 20 seconds.

org.apache.http.conn.HttpHostConnectException: Connection to https://accounts.google.com refused

        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:190)

        at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)

        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:643)

        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)

        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)

        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)

        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)

        at com.findlaw.adwords.AdWordsApiApplication.run(AdWordsApiApplication.java:87)

        at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)

        at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:84)

        at com.findlaw.adwords.AdWordsApiApplication.main(AdWordsApiApplication.java:152)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:497)

        at org.apache.hadoop.util.RunJar.run(RunJar.java:221)

        at org.apache.hadoop.util.RunJar.main(RunJar.java:136)

Caused by: java.net.ConnectException: Connection timed out

        at java.net.PlainSocketImpl.socketConnect(Native Method)

        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)

        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)

        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)

        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)

        at java.net.Socket.connect(Socket.java:589)

        at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:668)

        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:414)

        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)

        ... 16 more

Shwetha Vastrad (AdWords API Team)

unread,
Sep 30, 2016, 4:35:21 PM9/30/16
to AdWords API Forum
Hi Christopher, 

Are you using the AdWords API Java client library to make API requests? Could you try setting the properties mentioned here and try again?

Thanks,
Shwetha, AdWords API Team.

christophe...@thomsonreuters.com

unread,
Oct 3, 2016, 12:48:19 PM10/3/16
to AdWords API Forum
Shwetha,
Yes I'm using the AdWords API Java client library.

Here is my command to execute the application:
java -cp /hadoop/user/findlaw/jars/adwords/AdWordsApi.jar com.findlaw.adwords.AdWordsApiApplication -Dhttp.proxyHost=webproxy.h.corp.services -Dhttp.proxyPort=80 -Dhttps.proxyHost=webproxy.h.corp.services -Dhttps.proxyPort=80 /project/findlaw/etl/adwords/AdPerformanceReport.csv /project/findlaw/data/adwords/AdPerformanceReport/year=2016 0

christophe...@thomsonreuters.com

unread,
Oct 3, 2016, 2:27:46 PM10/3/16
to AdWords API Forum
UPDATE:  I change the cUrl options from -F to -d and that fixed the cUrl command so at least I know I can get an access token via server-to-server call.
UPDATE:  I "shaded" in some more jars so know I have a new stack trace:


java -cp /hadoop/user/findlaw/jars/adwords/AdWordsApi.jar com.findlaw.adwords.AdWordsApiApplication -Dhttp.proxyHost=webproxy.h.corp.services -Dhttp.proxyPort=80 -Dhttps.proxyHost=webproxy.h.corp.services -Dhttps.proxyPort=80 /project/findlaw/etl/adwords/AdPerformanceReport.csv /project/findlaw/data/adwords/AdPerformanceReport/year=2016 0

log4j:WARN No appenders could be found for logger (org.springframework.core.env.StandardEnvironment).
log4j:WARN Please initialize the log4j system properly.

***** Starting *****
******Generate a refreshable OAuth2 credential
com.google.api.ads.common.lib.exception.OAuthException: Credential could not be refreshed.
        at com.google.api.ads.common.lib.auth.OfflineCredentials.generateCredential(OfflineCredentials.java:178)
        at com.findlaw.adwords.service.impl.AdWordsServiceImpl.getCriteriaPerformanceReport(AdWordsServiceImpl.java:85)
        at com.findlaw.adwords.AdWordsApiApplication.run(AdWordsApiApplication.java:122)
        at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
        at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:84)
        at com.findlaw.adwords.AdWordsApiApplication.main(AdWordsApiApplication.java:152)
Caused by: java.net.SocketTimeoutException: connect timed out
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:589)
        at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:668)
        at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
        at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
        at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
        at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264)
        at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)
        at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1104)
        at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:998)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)
        at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1282)
        at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1257)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250)
        at com.google.api.client.http.javanet.NetHttpRequest.execute(NetHttpRequest.java:77)
        at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:981)
        at com.google.api.client.auth.oauth2.TokenRequest.executeUnparsed(TokenRequest.java:283)
        at com.google.api.client.auth.oauth2.TokenRequest.execute(TokenRequest.java:307)
        at com.google.api.client.auth.oauth2.Credential.executeRefreshToken(Credential.java:570)
        at com.google.api.client.googleapis.auth.oauth2.GoogleCredential.executeRefreshToken(GoogleCredential.java:362)
        at com.google.api.client.auth.oauth2.Credential.refreshToken(Credential.java:489)
        at com.google.api.ads.common.lib.auth.OAuth2Helper.callRefreshToken(OAuth2Helper.java:69)
        at com.google.api.ads.common.lib.auth.OfflineCredentials.generateCredential(OfflineCredentials.java:172)
        ... 5 more


On Friday, September 30, 2016 at 1:22:47 PM UTC-5, christophe...@thomsonreuters.com wrote:

Peter Oliquino

unread,
Oct 4, 2016, 3:21:09 AM10/4/16
to AdWords API Forum
Hi Christopher,

The issue you're encountering could be better reviewed by the library owner. You may get in touch with them by filing an issue through this link. This will enable them to keep track of the issue as well.

Thanks and regards,
Peter Laurence N. Oliquino
AdWords API Team
Reply all
Reply to author
Forward
0 new messages