I’m new to web server programming so maybe I’m doing this the wrong way, but here’s what I’m trying to do:
-
The user authenticates using a native iOS app against the server “https://www.googleapis.com/auth/plus.me”. I’m using the ,
GTMOAuth2 classes to handle the authorization. I’ve successfully retrieved a valid token, so this part works. -
I’m now trying to POST JSON data to a google-app-engine web servlet as an authenticated user by using the authentication token I obtained in step 1. Here’s the code I’m using:
- (void)postDictionary:(NSMutableDictionary *)dict toURL:(NSMutableString *)urlString withAuthToken:(GTMOAuth2Authentication *)authToken delegate:(id)connectDelegate { if( ![NSJSONSerialization isValidJSONObject:dict] ) { NSLog(@"JSON Data is Invalid!"); return; } NSData *jsonData = [NSJSONSerialization dataWithJSONObject:dict options:0 error:nil]; NSMutableString *serverURL = [[NSMutableString alloc] initWithString:urlString]; //DEBUG NSLog(@"sent URL: %@", serverURL); NSURL *url = [[NSURL alloc] initWithString:serverURL]; NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:url]; // Execute URL Asynchronously // Make sure we "Post" the data to the server [request setHTTPMethod:@"POST"]; [request setHTTPBody:jsonData]; [request setValue:@"application/json" forHTTPHeaderField:@"Accept"]; [request setValue:@"application/json" forHTTPHeaderField:@"Content-Type"]; [request setValue:@"json" forHTTPHeaderField:@"Data-Type"]; [request setValue:[NSString stringWithFormat:@"%d", [jsonData length]] forHTTPHeaderField:@"Content-Length"]; // We need to send the authentication information to the server. [request setValue:CLIENT_ID forHTTPHeaderField:@"client_id"]; [request setValue:CLIENT_SECRET forHTTPHeaderField:@"client_secret"]; [request setValue:authToken.accessToken forHTTPHeaderField:@"Authorization: GoogleLogin auth"]; // Make sure we can authenticate on HTTP instead of just HTTPS authToken.shouldAuthorizeAllRequests=YES; // USED FOR TESTING ON LOCALHOST ONLY!!! // Let's Try the Fetcher method... GTMHTTPFetcher* myFetcher = [GTMHTTPFetcher fetcherWithRequest:request]; [myFetcher setAuthorizer:authToken]; [myFetcher beginFetchWithDelegate:self didFinishSelector:@selector(myFetcher:finishedWithData:error:)]; return; }
Currently the server I’m trying to post to is is running on “http://localhost:8888/mywebapp”.
-
On the web server, I’m trying to authenticate the user using the following java code:
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { // Perform Authentication... UserService userService = UserServiceFactory.getUserService(); User user = userService.getCurrentUser(); if( user != null ) { System.out.println("User: "+user.getNickname()); } else { sendError( "You must login first!", resp ); return; } ...
The UserService never indicates a user is logged in. I’ve tried several different things, but haven’t had any success. My app just gets the “You must login first!” error message. Any ideas?
I solved my problem.
I had to switch to the OAuth 1 protocol instead of the OAuth 2 protocol. According to the documentation I read, the OAuth 2 isn’t supported for Google App Engine yet (Does anyone know differently?). So I used the library GTM-OAUTH instead of the GTM-OAUTH2 library in my iOS app. I used the “OAuthSampleTouch” example as a basis for using the library.
I needed to register my google-app-engine URL with Google, using https://accounts.google.com/managedomains.
That gave me a ConsumerKey and ConsumerSecret I could use in my iPhone app when calling the GTM-OAUTH Library.
I modified my GAE server code to use the OAUTH token:
I also appended the Token into the URL, I’m not sure if this is required or not…
Example:
URL=”https://my-app.appspot.com/myservlet?token=XXXXXXXXXXXXXXXX”