Home/ Questions/Q 6125377
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T16:14:25+00:00

When I execute a CalendarService.setOAuthCredentials(oauthParameters, new OAuthHmacSha1Signer()); I get an OAuthException 401 Error Unknown

  • 0

When I execute a CalendarService.setOAuthCredentials(oauthParameters, new OAuthHmacSha1Signer()); I get an OAuthException 401 Error Unknown authorization header.

I’m using GWT+GAE I don’t know why I’m receiving this error, oauthParameters seem to be OK.

  1. I get user login on
    loginService.login
  2. I check if I have
    the authentication already on
    oauthService.checkOauthTokenSecret
  3. If not, I’ll do a redirect to Google
    Aproval page for GCalendar
    permission
  4. I get querystring
    returned by Google and I get Access
    Token and Access Token Secret and
    set it to the user entity for later
    use on oauthService.upgradeLogin.
  5. And trying to get calendars on
    oauthService.getPublicCalendars.

I’m using MVP pattern with mvp4g framework, sorry if is a bit confusing 0:-)

Any idea why I’m receiving 401 error? I think is something about I’m going up & down through client and server and external pages… and something is missing 🙁 but all parameters seem to be correctly fullfilled.

Client side

public void onStart(){
    GWT.log("onStart");
    loginService.login(GWT.getHostPageBaseURL(), new AsyncCallback<LoginInfo>() {
        @Override
        public void onSuccess(LoginInfo result) {
            Common.loginInfo = result;
            if(Common.loginInfo.isLoggedIn()) { 
                oauthService.checkOauthTokenSecret(new AsyncCallback<String>() {
                    @Override
                    public void onSuccess(String result) {
                        if (result == null){
                            eventBus.OauthLogin();
                        }else{
                            oauthService.upgradeLogin(Window.Location.getQueryString(),Common.loginInfo, new AsyncCallback<LoginInfo>() {
                                @Override
                                public void onSuccess(LoginInfo result) {
                                    Common.loginInfo = result;
                                    getCitas();
                                }
                                @Override public void onFailure(Throwable caught) {
                                    Common.handleError(caught);                         
                                }
                            });
                        }
                    }
                    @Override public void onFailure(Throwable caught) {
                        Common.handleError(caught);                         
                    }
                });
            }else{
                eventBus.LoadLogin();
            }
        }
        @Override public void onFailure(Throwable caught) {
            Common.handleError(caught);
        }
    });
}

Server Side

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.servlet.ServletContext;

import com.google.gdata.client.authn.oauth.GoogleOAuthHelper;
import com.google.gdata.client.authn.oauth.GoogleOAuthParameters;
import com.google.gdata.client.authn.oauth.OAuthException;
import com.google.gdata.client.authn.oauth.OAuthHmacSha1Signer;
import com.google.gdata.client.authn.oauth.OAuthParameters;
import com.google.gdata.client.calendar.CalendarService;
import com.google.gdata.data.calendar.CalendarEntry;
import com.google.gdata.data.calendar.CalendarFeed;
import com.google.gdata.util.ServiceException;
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
import com.rdt.citas.client.OAuthoritzationService;
import com.rdt.citas.client.shared.LoginInfo;

public class OAuthoritzationServiceImpl extends RemoteServiceServlet 
implements OAuthoritzationService {

/**
 * 
 */
private static final long serialVersionUID = 1L;

private static final Logger log = Logger.getLogger(OAuthoritzationServiceImpl.class.getName());

private static String KEY_PARAM = "oauth_consumer_key";
private static String SECRET_PARAM = "oauth_consumer_secret";
private static String SCOPE_PARAM = "scope_calendars";
private static String CALLBACK_PARAM = "oauth_callback";


public String checkOauthTokenSecret(){

    ServletContext context = this.getServletContext();
    getOauthParams(context);

    return (String) this.getThreadLocalRequest().getSession().getAttribute("oauthTokenSecret");;
}

public String getApprovalOAuthPageURL() throws IOException{

    ServletContext context = this.getServletContext();
    getOauthParams(context);

    GoogleOAuthParameters oauthParameters = new GoogleOAuthParameters();

    oauthParameters.setOAuthConsumerKey(getFromSession(KEY_PARAM));
    oauthParameters.setOAuthConsumerSecret(getFromSession(SECRET_PARAM));
    oauthParameters.setScope(getFromSession(SCOPE_PARAM));
    oauthParameters.setOAuthCallback(getFromSession(CALLBACK_PARAM));
    GoogleOAuthHelper oauthHelper = new GoogleOAuthHelper(new OAuthHmacSha1Signer());

    try {                       
        oauthHelper.getUnauthorizedRequestToken(oauthParameters);

        String approvalPageUrl = oauthHelper.createUserAuthorizationUrl(oauthParameters);
        String oauthTokenSecret = oauthParameters.getOAuthTokenSecret();

        this.getThreadLocalRequest().getSession().setAttribute("oauthTokenSecret", oauthTokenSecret);

        return approvalPageUrl;

    } catch (OAuthException e) {
        log.log(Level.WARNING,e.toString());
        return "";
    } finally{
    }

}

public LoginInfo upgradeLogin(String queryString, LoginInfo login){
    // receiving '?key1=value1&key2=value2
    queryString = queryString.substring(1, queryString.length());
    String k = getFromSession(KEY_PARAM);
    String s = getFromSession(SECRET_PARAM);

    GoogleOAuthParameters oauthParameters = new GoogleOAuthParameters();
    oauthParameters.setOAuthConsumerKey(k);
    oauthParameters.setOAuthConsumerSecret(s);

    String oauthTS = (String) this.getThreadLocalRequest().getSession().getAttribute("oauthTokenSecret");//oauthParameters.getOAuthTokenSecret();
    oauthParameters.setOAuthTokenSecret(oauthTS);

    GoogleOAuthHelper oauthHelper = new GoogleOAuthHelper(new OAuthHmacSha1Signer());
    oauthHelper.getOAuthParametersFromCallback(queryString,oauthParameters);

    login.setQueryStringTokens(queryString);
    login.setAccessTokenSecret(oauthTS);

    try {
        String accesToken = oauthHelper.getAccessToken(oauthParameters);
        login.setTokenSecret(accesToken);
    } catch (OAuthException e) {
        log.log(Level.WARNING,e.toString());
    }
    return login;
} 

public ArrayList<String> getPublicCalendars(String accessToken, String accessTokenSecret){
    ArrayList<String> result = new ArrayList<String>();
    CalendarFeed calendarResultFeed = null;

    GoogleOAuthParameters oauthParameters = new GoogleOAuthParameters();
    oauthParameters.setOAuthConsumerKey(getFromSession(KEY_PARAM));
    oauthParameters.setOAuthConsumerSecret(getFromSession(SECRET_PARAM));
    oauthParameters.setOAuthToken(accessToken);
    oauthParameters.setOAuthTokenSecret(accessTokenSecret);            
    oauthParameters.setOAuthType(OAuthParameters.OAuthType.THREE_LEGGED_OAUTH);
    oauthParameters.setScope(getFromSession(SCOPE_PARAM));

    CalendarService myService = new CalendarService("exampleCo-exampleApp-1");                  

    try {
        myService.setOAuthCredentials(oauthParameters, new OAuthHmacSha1Signer());
        URL calendarFeedUrl = new URL("https://www.google.com/calendar/feeds/default/owncalendars/full");
        calendarResultFeed = myService.getFeed(calendarFeedUrl, CalendarFeed.class);
    } catch (OAuthException e) {
        log.info("OAuthException");
        log.log(Level.WARNING,e.toString());
        e.printStackTrace();
    } catch (MalformedURLException e) {
        log.info("MalformedURLException");
        log.log(Level.WARNING,e.toString());
        e.printStackTrace();
    } catch (IOException e) {
        log.info("IOException");
        log.log(Level.WARNING,e.toString());
        e.printStackTrace();
    } catch (ServiceException e) {
        log.info("ServiceException");
        log.log(Level.WARNING,e.toString());
        e.printStackTrace();
    }

    if (calendarResultFeed != null && calendarResultFeed.getEntries() != null) {
        for (int i = 0; i < calendarResultFeed.getEntries().size(); i++) {
            CalendarEntry entry = calendarResultFeed.getEntries().get(i);
            result.add(entry.getTitle().getPlainText());              
        } 
    }
    return result;
}


private void getOauthParams(ServletContext context) {
    this.getThreadLocalRequest().getSession()
        .setAttribute(KEY_PARAM, context.getInitParameter(KEY_PARAM));
    this.getThreadLocalRequest().getSession()
        .setAttribute(SECRET_PARAM, context.getInitParameter(SECRET_PARAM));
    this.getThreadLocalRequest().getSession()
        .setAttribute(SCOPE_PARAM, context.getInitParameter(SCOPE_PARAM));
    this.getThreadLocalRequest().getSession()
        .setAttribute(CALLBACK_PARAM, context.getInitParameter(CALLBACK_PARAM));
}

private String getFromSession(String param){
    return (String) this.getThreadLocalRequest().getSession().getAttribute(param);
}

}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I have recently been working with oAuth. Inside upgradeLogin(…) when you are upgrading to an access token you are not fetching the respective access token secret.

    The access token secret following the getAccessToken() request is different to the access token secret before the request. You are currently setting the access token secret (via login.setAccessTokenSecret(oauthTS)), it is the pre-updated access token secret value you are using. You need to set it to the access token secret value returned after the update request:

    String accesToken = oauthHelper.getAccessToken(oauthParameters);
String accesTokenSecret = oauthParameters.getOAuthTokenSecret();                
login.setTokenSecret(accesToken);
login.setAccessTokenSecret(accesTokenSecret);

    You also probably want to store this updated token/secret pair somewhere. It is this value of access token secret that should then to be used inside getPublicCalendars(…) in the line:

    oauthParameters.setOAuthTokenSecret(accessTokenSecret);

    The post update access token/secret pair is long-lived and can therefore be re-used (without needing to update it again) until such time as it is revoked.

    Incidentally I found the oAuth Playground Tool useful in diagnosing my problems.

    I hope this helps,

    • 0