Tell me more ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite
1

I am trying Google OAuth.I am developing web application running on IBM webSphere server. Application's framework is SpringMVC.

I am trying to get userinfo.profile. I have successfully get Access Token and could not find a way to use this token and get user information.

I was redirecting browser to this URL https://www.googleapis.com/oauth2/v2/userinfo?access_token="+access.getAccessToken(); but getting error

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "authError",
    "message": "Invalid Credentials",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Invalid Credentials"
 }
}

Am I using this access token fine or should I send request in some other form?

I am sending request in this way:

GenericUrl shortenEndpoint = new GenericUrl("https://www.googleapis.com/oauth2/v2/userinfo");
HttpRequest request1 = rf.buildGetRequest(shortenEndpoint);
GoogleHeaders headers = new GoogleHeaders();
headers.setContentType("application/json; charset=UTF-8");
headers.setAuthorization("OAuth " + accessToken); 
request1.setHeaders(headers);
HttpResponse shortUrl = request1.execute();

After giving my Access Token in this URL in browser

https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=******

I got 

{
 "issued_to": "*****************",
 "audience": "*****************",
 "scope": "https://www.googleapis.com/auth/urlshortener",
 "expires_in": 3515,
 "access_type": "online"
}
share|improve this question
Does it also fail if you send the token using the Authorization header ? – jphuynh Jan 23 at 8:35
I did not try that. Can you show me any example sending this header? – Imran Tariq Jan 23 at 9:08
Could you detail how you sent the http request ? – jphuynh Jan 23 at 9:27
question edited. – Imran Tariq Jan 23 at 9:31

2 Answers

up vote 3 down vote accepted

Looking at the tokeninfo response, there is a mismatch between the scope for which the token was issued and the API you are trying to access. You seem to have an access token for https://www.googleapis.com/auth/urlshortener scope. If you want to user the userinfo API, you should obtain a token for the https://www.googleapis.com/auth/userinfo.profile and https://www.googleapis.com/auth/userinfo.email scopes.

share|improve this answer
You beauty. What a dig. If there were option to up-vote more than once then I will do this ten times. – Imran Tariq Jan 24 at 5:33
How can I use both scopes? – Imran Tariq Jan 24 at 5:44
Great finding @vlatko, thanks. Imran, for multiple scopes, you have to pass them in your url. They have to be space delimited. Example: scope=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com‌​/auth/userinfo.profile – jphuynh Jan 24 at 8:59
@vlatko Hey vlatko, I couldn't find any contact info on your profile, so I'll try to contact you here and I'll delete the comment later. Your name seems Macedonian, so could you give me your email so I can reach out and get your advice about programming jobs? – Igor Apr 22 at 18:53
up vote 1 down vote

It seems that your authorization header is incorrect.

Try with : headers.setAuthorization("OAuth " + accessToken);

share|improve this answer
After changing, getting same error. – Imran Tariq Jan 23 at 9:41
Ok can you check that you token is still valid ? You can call googleapis.com/oauth2/v1/tokeninfo?access_token=yourToken to check it. – jphuynh Jan 23 at 9:45
It returns some data that means token is fine but having error when using in Application. Question edited for token. – Imran Tariq Jan 23 at 9:50
Yeah token seems fine. Does the request using the access_token= parameter also fails in a browser or just from your app ? Also try to force the http method to GET in your code. – jphuynh Jan 23 at 9:56
Then? Can you tell any other way to send token through application? Am I missing something? – Imran Tariq Jan 23 at 9:57
show 3 more comments

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.