OAuth NullPointerException on failed query authentication after permission revoked

53 views
Skip to first unread message

n0_fixed_ab0de

unread,
Aug 17, 2009, 11:37:56 AM8/17/09
to Google Data Protocol, russel...@hullomail.com, ch...@hullomail.com
After revoking access permission from a domain subsequent OAuth
requests to access the service from this domain results in the
following:

java.lang.NullPointerException: No authentication header information
at
com.google.gdata.util.AuthenticationException.initFromAuthHeader
(AuthenticationException.java:96)
at com.google.gdata.util.AuthenticationException.<init>
(AuthenticationException.java:67)
at
com.google.gdata.client.http.HttpGDataRequest.handleErrorResponse
(HttpGDataRequest.java:563)
at
com.google.gdata.client.http.GoogleGDataRequest.handleErrorResponse
(GoogleGDataRequest.java:543)
at com.google.gdata.client.http.HttpGDataRequest.checkResponse
(HttpGDataRequest.java:535)
at com.google.gdata.client.http.HttpGDataRequest.execute
(HttpGDataRequest.java:514)
at com.google.gdata.client.http.GoogleGDataRequest.execute
(GoogleGDataRequest.java:515)
at com.google.gdata.client.Service.getFeed(Service.java:1034)
at com.google.gdata.client.Service.getFeed(Service.java:976)
at com.google.gdata.client.GoogleService.getFeed
(GoogleService.java:662)
at com.google.gdata.client.Service.query(Service.java:1136)
at com.google.gdata.client.Service.query(Service.java:1077)

I was hoping to see something a bit more explicit telling the
authentication request had failed.

Is this normal and what should be expected?
And if so can I reliably interpret this as meaning permission has been
revoked?

Thanks

n0_fixed_ab0de

unread,
Aug 18, 2009, 7:48:05 AM8/18/09
to Google Data Protocol
It looks like the header "WWW-Authenticate" is not available. Is this
a bug and if so is it being looked at?

/**
* Constructs a new AuthenticationException instance based upon
* the contents of a WWW-Authenticate header as described by
* RFC2617.
*/
......
public AuthenticationException(HttpURLConnection httpConn)
throws IOException {
super(httpConn);
initFromAuthHeader(httpConn.getHeaderField("WWW-Authenticate"));

n0_fixed_ab0de

unread,
Aug 19, 2009, 11:24:55 AM8/19/09
to Google Data Protocol, ch...@hullomail.com, Russel...@hullomail.com
I upgraded to version 1.0a and when revoking permission I have been
receiving the following error when attempting to authorized access
token
Caused by: java.io.IOException: Server returned HTTP response
code: 400 for URL

This declared on http://code.google.com/apis/accounts/docs/OAuth_ref.html
Note: The return of a verification code does not indicate that a
request token has been authorized. If a request token has not been
authorized, then requests to exchange it for an access token will
fail.

However, instead of getting the response content ("The request token
is invalid.") which can be acquired by manually trying out the request
URL in a browser OAuthHttpClient.getResponse() instead throws the
IOException above with the 400 code leaving the developer to fumble
and debug.

After finding the following link
http://www.coderanch.com/t/433447/Streams/java/HttpsURLConnection-Reading-Body-Response-when
I have tried patching with the following


public String getResponse(URL url) throws OAuthException {
try {
HttpURLConnection connection = (HttpURLConnection)
url.openConnection();
connection.connect();

InputStream _is;
if (connection.getResponseCode() < 400) {
_is = connection.getInputStream();
} else {
/* error from server */
_is = connection.getErrorStream();
}

BufferedReader in = new BufferedReader(new
InputStreamReader(_is));
String inputLine;
StringBuilder response = new StringBuilder();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();

if (connection.getResponseCode() >= 400) {
throw new IOException(response.toString());
}

return response.toString();
} catch (IOException e) {
throw new OAuthException("Error getting HTTP response",
e);
}
}

At least this way you can interrogate the exception to find out what
happened.
Reply all
Reply to author
Forward
0 new messages