OAuth NullPointerException on failed query authentication after permission revoked
74 views
Skip to first unread message
n0_fixed_ab0de
Aug 17, 2009, 11:37:56 AM8/17/09
to Google Data Protocol, russel...@hullomail.com, ch...@hullomail.com
After revoking access permission from a domain subsequent OAuth
requests to access the service from this domain results in the
following:
java.lang.NullPointerException: No authentication header information
at
com.google.gdata.util.AuthenticationException.initFromAuthHeader
(AuthenticationException.java:96)
at com.google.gdata.util.AuthenticationException.<init>
(AuthenticationException.java:67)
at
com.google.gdata.client.http.HttpGDataRequest.handleErrorResponse
(HttpGDataRequest.java:563)
at
com.google.gdata.client.http.GoogleGDataRequest.handleErrorResponse
(GoogleGDataRequest.java:543)
at com.google.gdata.client.http.HttpGDataRequest.checkResponse
(HttpGDataRequest.java:535)
at com.google.gdata.client.http.HttpGDataRequest.execute
(HttpGDataRequest.java:514)
at com.google.gdata.client.http.GoogleGDataRequest.execute
(GoogleGDataRequest.java:515)
at com.google.gdata.client.Service.getFeed(Service.java:1034)
at com.google.gdata.client.Service.getFeed(Service.java:976)
at com.google.gdata.client.GoogleService.getFeed
(GoogleService.java:662)
at com.google.gdata.client.Service.query(Service.java:1136)
at com.google.gdata.client.Service.query(Service.java:1077)
I was hoping to see something a bit more explicit telling the
authentication request had failed.
Is this normal and what should be expected?
And if so can I reliably interpret this as meaning permission has been
revoked?
Thanks
requests to access the service from this domain results in the
following:
java.lang.NullPointerException: No authentication header information
at
com.google.gdata.util.AuthenticationException.initFromAuthHeader
(AuthenticationException.java:96)
at com.google.gdata.util.AuthenticationException.<init>
(AuthenticationException.java:67)
at
com.google.gdata.client.http.HttpGDataRequest.handleErrorResponse
(HttpGDataRequest.java:563)
at
com.google.gdata.client.http.GoogleGDataRequest.handleErrorResponse
(GoogleGDataRequest.java:543)
at com.google.gdata.client.http.HttpGDataRequest.checkResponse
(HttpGDataRequest.java:535)
at com.google.gdata.client.http.HttpGDataRequest.execute
(HttpGDataRequest.java:514)
at com.google.gdata.client.http.GoogleGDataRequest.execute
(GoogleGDataRequest.java:515)
at com.google.gdata.client.Service.getFeed(Service.java:1034)
at com.google.gdata.client.Service.getFeed(Service.java:976)
at com.google.gdata.client.GoogleService.getFeed
(GoogleService.java:662)
at com.google.gdata.client.Service.query(Service.java:1136)
at com.google.gdata.client.Service.query(Service.java:1077)
I was hoping to see something a bit more explicit telling the
authentication request had failed.
Is this normal and what should be expected?
And if so can I reliably interpret this as meaning permission has been
revoked?
Thanks
n0_fixed_ab0de
Aug 18, 2009, 7:48:05 AM8/18/09
to Google Data Protocol
It looks like the header "WWW-Authenticate" is not available. Is this
a bug and if so is it being looked at?
/**
* Constructs a new AuthenticationException instance based upon
* the contents of a WWW-Authenticate header as described by
* RFC2617.
*/
......
public AuthenticationException(HttpURLConnection httpConn)
throws IOException {
super(httpConn);
initFromAuthHeader(httpConn.getHeaderField("WWW-Authenticate"));
a bug and if so is it being looked at?
/**
* Constructs a new AuthenticationException instance based upon
* the contents of a WWW-Authenticate header as described by
* RFC2617.
*/
......
public AuthenticationException(HttpURLConnection httpConn)
throws IOException {
super(httpConn);
initFromAuthHeader(httpConn.getHeaderField("WWW-Authenticate"));
n0_fixed_ab0de
Aug 19, 2009, 11:24:55 AM8/19/09
to Google Data Protocol, ch...@hullomail.com, Russel...@hullomail.com
I upgraded to version 1.0a and when revoking permission I have been
receiving the following error when attempting to authorized access
token
Caused by: java.io.IOException: Server returned HTTP response
code: 400 for URL
This declared on http://code.google.com/apis/accounts/docs/OAuth_ref.html
Note: The return of a verification code does not indicate that a
request token has been authorized. If a request token has not been
authorized, then requests to exchange it for an access token will
fail.
However, instead of getting the response content ("The request token
is invalid.") which can be acquired by manually trying out the request
URL in a browser OAuthHttpClient.getResponse() instead throws the
IOException above with the 400 code leaving the developer to fumble
and debug.
After finding the following link
http://www.coderanch.com/t/433447/Streams/java/HttpsURLConnection-Reading-Body-Response-when
I have tried patching with the following
public String getResponse(URL url) throws OAuthException {
try {
HttpURLConnection connection = (HttpURLConnection)
url.openConnection();
connection.connect();
InputStream _is;
if (connection.getResponseCode() < 400) {
_is = connection.getInputStream();
} else {
/* error from server */
_is = connection.getErrorStream();
}
BufferedReader in = new BufferedReader(new
InputStreamReader(_is));
String inputLine;
StringBuilder response = new StringBuilder();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
if (connection.getResponseCode() >= 400) {
throw new IOException(response.toString());
}
return response.toString();
} catch (IOException e) {
throw new OAuthException("Error getting HTTP response",
e);
}
}
At least this way you can interrogate the exception to find out what
happened.
receiving the following error when attempting to authorized access
token
Caused by: java.io.IOException: Server returned HTTP response
code: 400 for URL
This declared on http://code.google.com/apis/accounts/docs/OAuth_ref.html
Note: The return of a verification code does not indicate that a
request token has been authorized. If a request token has not been
authorized, then requests to exchange it for an access token will
fail.
However, instead of getting the response content ("The request token
is invalid.") which can be acquired by manually trying out the request
URL in a browser OAuthHttpClient.getResponse() instead throws the
IOException above with the 400 code leaving the developer to fumble
and debug.
After finding the following link
http://www.coderanch.com/t/433447/Streams/java/HttpsURLConnection-Reading-Body-Response-when
I have tried patching with the following
public String getResponse(URL url) throws OAuthException {
try {
HttpURLConnection connection = (HttpURLConnection)
url.openConnection();
connection.connect();
InputStream _is;
if (connection.getResponseCode() < 400) {
_is = connection.getInputStream();
} else {
/* error from server */
_is = connection.getErrorStream();
}
BufferedReader in = new BufferedReader(new
InputStreamReader(_is));
String inputLine;
StringBuilder response = new StringBuilder();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
if (connection.getResponseCode() >= 400) {
throw new IOException(response.toString());
}
return response.toString();
} catch (IOException e) {
throw new OAuthException("Error getting HTTP response",
e);
}
}
At least this way you can interrogate the exception to find out what
happened.
Reply all
Reply to author
Forward
0 new messages