search

google-code-export / google-api-java-client

Automatically exported from code.google.com/p/google-api-java-client
1 stars 0 forks source link

Smarter handling of OAuth 2 failures when getting a 401 error #630

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
We recently had an error reported of a "401 Unauthorized" error when trying to 
access a Google API endpoint.  It kept refreshing the access token, trying to 
access the Google API, got a 401 error, and then continue the loop until 
reaching the max retry number.  It then simply threw an exception.  We don't 
the root cause of the problem, but one guess is that it may have been that the 
token didn't have the right scopes defined for the API method.

Ideally the client library could help in determining the problem using the 
tokeninfo endpoint which gives information about access tokens.  So for example 
if we know what scopes are required by an API method, and we get a 401 error, 
we could ask tokeninfo to tell us if the access token is valid and what scopes 
it has defined.  If we see that it doesn't have the appropriate scope for 
example, we could throw a more descriptive error explaining the problem, and 
not attempt to refresh the token and retry the request.

Original issue reported on code.google.com by yan...@google.com on 15 Oct 2012 at 6:40

GoogleCodeExporter commented 9 years ago

Original comment by yan...@google.com on 24 Jan 2013 at 2:41

GoogleCodeExporter commented 9 years ago

Original comment by yan...@google.com on 7 Feb 2013 at 12:05

GoogleCodeExporter commented 9 years ago

Original comment by yan...@google.com on 10 Jun 2013 at 1:25

GoogleCodeExporter commented 9 years ago

Original comment by yan...@google.com on 21 Jun 2013 at 2:06

GoogleCodeExporter commented 9 years ago

Original comment by pele...@google.com on 29 Jul 2013 at 6:09

GoogleCodeExporter commented 9 years ago

Original comment by yan...@google.com on 27 Sep 2013 at 12:03