Try usesAuthorizationHeader = false and usesUrlParameter = true. doug
On May 20, 2015, at 6:58 PM, Dan Hoffman <[email protected]> wrote: > Hello! > > I'm trying to create a gadget that will show data from my Google Analytics > account. Since I own the data, not the user, it doesn't make sense to ask > the user for permission. I created a Service Account (which lets me make > requests as my app instead of as a user) and am trying to implement a > client_credentials flow. > > I'm running shindig 2.5.2. > > When I set up the service account, I got a client ID, client email address, > and a JSON key file. I could also get a P12 key if that makes a difference. > > My goal is to have shindig handle the OAuth2 stuff and let my gadget grab > analytics data from my account without having to ask for any credentials. > Is this even possible? If so, how do I set it up? Are my oauth2,json > settings incorrect? I assume I'm supposed to put the key file somewhere > where shindig can access it, but I don't know where, or how to tell shindig > where to find it. > > With my current settings, I get an authentication_problem error with the > explanation "The authentication headers could not be added to the request". > > I've been banging my head against this for days, so any help you could > provide would be much appreciated! > > Thanks, > Dan > > Here are the relevant pieces of my oauth2.json file: > > { > "gadgetBindings" : { > "http://localhost:8080/opensocial-apps/PersonalStats.xml"; : { > "googleAPI" : { > "clientName" : "googleApi_personalStats", > "allowModuleOverride" : "true" > } > } > }, > "clients" : { > "googleApi_personalStats" : { > "providerName" : "googleAPI", > "type" : "confidential", > "grant_type" : "client_credentials", > "client_id" : "MY_CLIENT_ID", > "client_secret" : "I_DO_NOT_HAVE_ONE" > } > }, > "providers" : { > "googleAPI" : { > "client_authentication" : "STANDARD", > "usesAuthorizationHeader" : "true", > "usesUrlParameter" : "true", > "endpoints" : { > "authorizationUrl" : "https://accounts.google.com/o/oauth2/auth > ", > "tokenUrl" : " > https://accounts.google.com/o/oauth2/token"; > } > } > } > } > > The JSON key file that looks like this: > > { > "private_key_id": "KEY_ID_STRING", > "private_key": "-----BEGIN PRIVATE KEY-----\nSOME_BIG_LONG_KEY\n-----END > PRIVATE KEY-----\n", > "client_email": "[email protected]", > "client_id": "CLIENT_ID_STRING.apps.googleusercontent.com", > "type": "service_account" > } > > And here's the full error: > > *code:*authentication_problem > *uri:* > *description:*org.apache.shindig.gadgets.oauth2.OAuth2Request encountered > an error : The client authentication is being added : can't handle error > response code 400 , , > *explanation:*The authentication headers could not be added to the request. > *trace:*
