Took a week, but I did get it to work. For anyone else who runs into this....
1. I was following the Ericsson documentation at: https://labs.ericsson.com/apis/oauth2-framework/documentation#Web_Client_Flow that got me as far as getting things to work on my local Google-app-engine dev server. But when deploying to appspot and the real GAE world, it failed. 2. Problem seems to be that the in-memory storage of authTokens doesn't work in google's cloud - perhaps due to how the processing is distributed (??). 3. The fix was to replace the in-memory storage of authTokens with db storage of the tokens (for me that was Objectify and Google's BigTable) 4. This required changing the clientStore code from: ClientStore clientStore = ClientStoreFactory.getInstance(); clientStore.clientStore("123456789", "secret1", "yourCallbackURI"); To: ClientStoreFactory.setClientStoreImpl(MyDBClientStore.class, params); ClientStore<MyDBTokenGenerator> clientStore = (ClientStore<MyDBTokenGenerator>) ClientStoreFactory.getInstance(); And we need the two new classes referenced above: MyDBClientStore - only difference here is that we extend ClientStore<MyDBTokenGenerator> public class MyDBClientStore extends ClientStore<MyDBTokenGenerator> and MyDBTokenGenerator - this is where the real work is as you have to save the AuthToken in the database and that AuthToken consists of a token name and an AuthenticatedUser. I had to change generateToken() (store to db) and findToken() (retrieve from db) to get the basics to work. And finally, I had to create classes MyAuthToken and MyAuthenticatedUser to store this information through Objectify. Now it works on the local dev server and on appspot. RB ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2972101
