403 Forbidden #22

Open
deanpeterson opened this issue Jan 7, 2013 · 6 comments

@deanpeterson

I get a 403 forbidden error when testing out this piece of code. I have a valid, authorized, non-expired connection. Am I doing something wrong?

    PeoplePage peoplePage = connection.getApi().plusOperations().searchPeople("Troutman", "0");

    403 Forbidden
        at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:88)
        at org.springframework.web.client.RestTemplate.handleResponseError(RestTemplate.java:533)
        at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:489)
        at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:461)
        at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:229)
        at org.springframework.social.google.api.query.impl.ApiQueryBuilderImpl.getPage(ApiQueryBuilderImpl.java:78)
        at org.springframework.social.google.api.plus.impl.PlusTemplate.searchPeople(PlusTemplate.java:109)

@GabiAxel
Collaborator

GabiAxel commented Jan 8, 2013

The second argument should either be null (for the first page) or the value you get in a response's "nextPageToken", which should be a short alphanumeric string. It's not a numeric index.

@deanpeterson
Author

I did try leaving it null at first but I get the same error. I successfully transfer the user to Google for Authorization, the user returns and I check that the connection is authorized (it is) yet I still get a 403 error. Maybe something else is wrong. However, I was able to use the access token I received to work with the GData contacts api.

@vkonnackal

I get the same error as well. I'm trying to get the contacts in circles. The user gets successfully authorized with the scope https://www.googleapis.com/auth/plus.login. However, on calling PeoplePage page = connection.getApi().personOperations().searchPeople("me", nextPageToken) I get 403 Forbidden.

Any ideas?

Update:
I'm using the 1.0.0.M2 version.

@GabiAxel
Collaborator

@vkonnackal To use "me" you need to authenticate with scope https://www.googleapis.com/auth/plus.me

@deanpeterson Can you please paste the HTTP request and response?

@jiwhiz

jiwhiz commented Jan 27, 2015

I got the same issue with 1.0.0.RELEASE. I'm using Spring Social Security to authenticate the user, and the authentication process was almost finished, but in the last step of creating the Connection data, it failed:

    Connection<S> connection = getConnectionFactory().createConnection(accessGrant);

After debugging, the problem is at GoogleConnectionFactory.extractProviderUserId():

    @Override
    protected String extractProviderUserId(AccessGrant accessGrant) {
        Google api = ((GoogleServiceProvider)getServiceProvider()).getApi(accessGrant.getAccessToken());
        UserProfile userProfile = getApiAdapter().fetchUserProfile(api);
        return userProfile.getUsername();
    }

So when it calls fetchUserProfile(api), it uses

    Person profile = google.plusOperations().getGoogleProfile();

The actual HTTP request is GET https://www.googleapis.com/plus/v1/people/me

I checked the header, the OAuth2RequestInterceptor works, I can see the "Authorization" header with access token. But it still got 403 Forbidden. The origin response is like this (copied from debug output):

    HTTP/1.1 403 Forbidden [Vary: Origin, Vary: X-Origin, Content-Type: application/json; charset=UTF-8, Date: Tue, 27 Jan 2015 07:38:26 GMT, Expires: Tue, 27 Jan 2015 07:38:26 GMT, Cache-Control: private, max-age=0, X-Content-Type-Options: nosniff, X-Frame-Options: SAMEORIGIN, X-XSS-Protection: 1; mode=block, Server: GSE, Alternate-Protocol: 443:quic,p=0.02, Transfer-Encoding: chunked] org.apache.http.client.entity.GzipDecompressingEntity@64b842fe

In the Google API documentation (https://developers.google.com/+/api/latest/people/get), if I test with the profile scope, the request is like this:

    GET https://www.googleapis.com/plus/v1/people/me?key={YOUR_API_KEY}

    Authorization:  Bearer ya29.CAGy4blJebqEqDsaw3PjGBEI5UJc0Q7idbhA4jjpxAhVVzNkH2YjnNq3cUxeavWyr0iUPnh4TAB1xw
    X-JavaScript-User-Agent:  Google APIs Explorer

The difference is that it has "?key={YOUR_API_KEY}" in the URL. Does it cause the 403 if we are missing the key in the request URL?

@jiwhiz

jiwhiz commented Jan 28, 2015

I got it figured out. I have to turn on Google+ API in Google Developer Console for my application.
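
Added example, not part of the thread or of the project's code: the debug output quoted above shows only the 403 status line and headers, while the JSON error body is what separates the two causes raised in this thread (API not enabled versus a missing scope). The class name, the `triage` helper, the sample bodies and the two `reason` strings are assumptions about the shape of Google's v1 error response, which does not appear on this page.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Google403Triage {

    // Pulls the first "reason" value out of a JSON error body.
    // A regex keeps the example JDK-only; use a JSON parser in real code.
    private static final Pattern REASON =
            Pattern.compile("\"reason\"\\s*:\\s*\"([^\"]+)\"");

    /** Maps a 403 error body to the likely cause discussed in this thread. */
    static String triage(int status, String body) {
        if (status != 403) {
            return "not a 403; out of scope for this check";
        }
        Matcher m = REASON.matcher(body == null ? "" : body);
        String reason = m.find() ? m.group(1) : "";
        switch (reason) {
            case "accessNotConfigured":      // assumed reason value
                return "API not enabled for this project in the Developer Console";
            case "insufficientPermissions":  // assumed reason value
                return "access token lacks a scope this call requires";
            case "":
                return "no reason in body; log the raw response body";
            default:
                return "unclassified reason: " + reason;
        }
    }

    public static void main(String[] args) {
        // Constructed sample bodies, not captured from a real response.
        String notEnabled = "{\"error\":{\"errors\":[{\"domain\":\"usageLimits\","
                + "\"reason\":\"accessNotConfigured\",\"message\":\"(constructed)\"}],"
                + "\"code\":403,\"message\":\"(constructed)\"}}";
        String badScope = "{\"error\":{\"errors\":[{\"domain\":\"global\","
                + "\"reason\":\"insufficientPermissions\",\"message\":\"(constructed)\"}],"
                + "\"code\":403,\"message\":\"(constructed)\"}}";
        System.out.println(triage(403, notEnabled));
        System.out.println(triage(403, badScope));
        System.out.println(triage(403, ""));
    }
}
```

With RestTemplate, the two inputs come from the thrown `HttpClientErrorException`: `getStatusCode().value()` and `getResponseBodyAsString()`.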
