Login/Register
call Google auth API using Apache HttpClient
Asked Answered
Solved apachegoogle-apigoogle-calendar-apigoogle-oauthapache-commons-httpclient
D

1

1

I would like to know if it is possible to call a Google API that requires auth such as the Google Calendar API using the Apache HttpClient, and no Google code or libraries. (and need the code to do it)

This is the code I have so far, its gets an auth error, What do you use for the user/password?

HttpPost request = new HttpPost("https://www.googleapis.com/calendar/v3/users/me/calendarList/primary?key=mykey");
DefaultHttpClient client = new DefaultHttpClient();
client.getCredentialsProvider().setCredentials(
new AuthScope(AuthScope.ANY),
new UsernamePasswordCredentials(user, password));
HttpResponse response = client.execute(request);

Error:

"errors": [
   {
    "domain": "global",
    "reason": "required",
    "message": "Login Required",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Login Required"
Desantis answered 3/10, 2016 at 21:29 Comment(1)
note this is a non-user interactive process, it needs to check the calendar every hour and not have any expiring credentialsDesantis
T
3

You don't use Login and password you need to be authenticated once you are you will have an access token then you can call something like this.

https://www.googleapis.com/calendar/v3/users/me/calendarList/primary?access_token={tokenFromAuth}

You can authenticate to Google with any language that is capable of a HTTP POST and a HTTP GET. Here is my walk though of the Auth flow to Google http://www.daimto.com/google-3-legged-oauth2-flow/ you will need to create a Oauth2 credentials on Google Developer console to start. Then its just a matter of asking the user for permission to access their data and requesting the access.

Thermel answered 4/10, 2016 at 6:43 Comment(15)
there is no user, it is a bot? the user needs to enter their credentials in the bot's config, not a user interactive processDesantis
Client login is no longer supported by Google. Your user will need to authenticate at least once then your bot can run automatically. Some apis support services accounts however the code for that includes creating jwt tokens its much harder to get to work and the user will have to create their own project on Google Developer consol and pre approve any data they want to accessThermel
the user authentication states the token only last 1 hour?Desantis
Access tokens are good for one hour. Refresh token is good until the user revokes it or it hasn't been used in six months. you use a refresh token to ask the authentication server for a new access token when ever you like. check my tutorial look for grant_type=refresh_tokenThermel
Note: If you are releasing this to users. You cant release your client id from Google Developer Console to them. They are going to have to create their own. see: #27585912Thermel
I am on step 1 of your how2 and get an error when openning the url - Error: invalid_client - The OAuth client was not foundDesantis
I set my client id, what is the redirect url?Desantis
It's a http get should be able to dump it in a web browserThermel
Kind of depends on the type of credentials you created. It's basically the location you want to the auth server to return the token to you probably made a native client in which case it is just that weird string which just means send it back to the location I am sending fromThermel
Okay, I had the clientId wrong (had .apps.googleusercontent.com twice)Desantis
ok, steps 1-3 in your how to work, how long can you get a new token using the refresh token? and thank you soo muchDesantis
You can use the refresh token as often as you like really. It will work until the user revoke s access via their Google account or if it hasn't been used for six monthsThermel
There is one more way it can expire try to follow this. Refresh tokens are built around the client id and the users Google account. You can keep requesting access of the user and each time you will get a new refresh token. They will all work until you hit the magic number of 25 you can only have 25 outstanding refresh tokens to a user's account then the first one will expire. I hit this on a project with a script that could be run multi threaded.Thermel
Why the bounty?Thermel
Just cause you really helped me outDesantis

© 2022 - 2024 — McMap. All rights reserved.