This isn't exactly an answer, but I'm seeing the same new behavior on a python app engine app using the built-in oauth provider libs (google.appengine.api.oauth
). Existing saved tokens continue to work, but requesting a new token and then using it to call a protected service results in a InvalidOAuthTokenError
. This is with unchanged consumer and provider code that worked flawlessly until last night (approximately midnight CST).
OAuth login with Google Apps Engine endpoint stopped working
-
07-03-2022 - |
質問
I have a desktop Java application that communicates with a GAE server. The client application signs in to the server using OAuth 1.0 with signpost via the provided endpoints (appname.appengine.com/_ah/OAuthGetAccessToken and the like) with consumerkey and consumersecret set to "anonymous" and scope set to the GAE domain. The login process appears to be working fine:
- Retrieve Request Token
- Let the user visit the resulting authentication URL
- Ask user for verification code
- Retrieve Access Token
At this point, I have a seemingly valid token and token secret. If I use these to sign a request to the GAE server, I get an OAuthRequestException when identifying the user:
OAuthService oauthService = OAuthServiceFactory.getOAuthService();
try {
user = oauthService.getCurrentUser();
if (user != null) {
ri.userName = user.getEmail();
}
} catch (OAuthRequestException t) {
t.printStackTrace();
}
This used to work fine until this morning. I am using a modified version of the Chrome to Phone GAE backend. I noticed that Chrome to Phone is having the same issue: I cannot login to the service anymore, so I don't believe this is an error on the client side. Logins don't show up in the Google Connected Sites, Apps, and Services console. Here is a link to the affected line in Chrome to Phone's GAE service: Chrome2Phone affected source.
I already tried registering the application in the Google API console and provided comsumer key and secret, with the same result.
解決 2
他のヒント
We made some back end changes to our authentication system which ended up not being compatible with App Engine code relying on the authentication system. It appears to be a rather straightforward issue and we are in progress with a fix. We don't have an exact timeline on resolution yet but expect it to be soon.
Update: the fix has been rolled out to production as of about 8pm PST. Thanks everyone your patience.