OAuth login with Google Apps Engine endpoint stopped working
I have a Java desktop application that talks to a GAE server. The client application subscribes to the server using OAuth 1.0 with an icon through the provided endpoints (appname.appengine.com/_ah/OAuthGetAccessToken, etc.) with the consumerkey and consumerecret parameters set to "anonymous" and the scope set to the GAE domain ... The login process works fine:
- Get request token
- Let the user visit the resulting authentication url
- Request a verification code
- Get an access token
At this point I have apparently valid token and token. If I use them to sign a request to the GAE server, I get an OAuthRequestException when authenticating the user:
OAuthService oauthService = OAuthServiceFactory.getOAuthService();
try {
user = oauthService.getCurrentUser();
if (user != null) {
ri.userName = user.getEmail();
}
} catch (OAuthRequestException t) {
t.printStackTrace();
}
This worked fine until this morning . I am using a modified version of Chrome to Phone GAE. I noticed that there is the same problem on the Chrome phone : I can no longer log into the service, so I don't believe it is a client side error. Logins are not displayed in the Google Connected Sites, Apps and Services console. Here is a link to the affected line in Chrome service for phone service: Source affected by Chrome2Phone .
I already tried registering the app in the google API console and provided the comsumer key and secret with the same result.
source to share
This is not really an answer, but I see the same new behavior in the python app engine using the built-in libs providers oauth ( google.appengine.api.oauth
). The existing stored tokens continue to work, but requesting a new token and then using it to invoke a protected service results in InvalidOAuthTokenError
. This is with the unchanged consumer and provider code that worked flawlessly until last night (about midnight CST).
source to share
We made some changes to the end of our authentication system that turned out to be incompatible with App Engine's authentication-based code. This seems to be a fairly simple problem and we are coming with a fix. We don't have an exact timeline yet, but expect one soon.
Update: The fix was released prior to production at approximately 8pm PST. Thanks everyone for your patience.
source to share