I am developing an Android application and need to get the “me” info from google but I always ends up in either response code 401 or 403. What am I doing wrong?
Here is my code:
private static final String GOOGLE_AUTH_TOKEN_TYPE = "oauth2:https://www.googleapis.com/auth/plus.me";
I get the oauth token by (note…code below is shortened):
Account googleAccount = (AccountManager) getSystemService(ACCOUNT_SERVICE).getAccountsByType("com.google"); final Bundle bundle = manager.getAuthToken(googleAccount, GOOGLE_AUTH_TOKEN_TYPE, true, null, null).getResult(); String authToken = bundle.getString(AccountManager.KEY_AUTHTOKEN);
So far so good… I now have a token so everything looks good here.
Now get the me info:
String GOOGLE_ME_URL = "https://www.googleapis.com/plus/v1/people/me"; final DefaultHttpClient client = new DefaultHttpClient(); final HttpGet request = new HttpGet(GOOGLE_ME_URL); request.addHeader("Authorization", "OAuth=" + authToken); final HttpResponse response = client.execute(request);
This gives response code 401.
I have also tried:
final DefaultHttpClient client = new DefaultHttpClient(); final HttpGet request = new HttpGet(GOOGLE_ME_URL + "?access_token=" + authToken); final HttpResponse response = client.execute(request);
This gives response code 403 – Something like “Daily limit exceeded. Please sign up”.
What am I doing wrong? what have I missed? How should this be done?
// Edits below
Some more investigation:
I added a project into code.google.com/apis/console and took the key generated from there and put into the url, like:
https://www.googleapis.com/plus/v1/people/me?key=my_generated_key&access_token=” + authToken.
Now the call works fine and I get a 200 response with the correct info. But I really don´t want to use this method if I don´t have to and according to google I should not need to “•If the request requires authorization (such as a request for an individual’s private data), then it must include an OAuth 2.0 token. It may also include the API key, but it doesn’t have to.” – from developers.google.com/+/api/oauth.
If I try another url like
“https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=” + authToken
it works fine.
The issue is regarding the simple api key passed into the request.
If the key parameter isn’t included in the request, or if the Google+ API wasn’t activated for that project, you’ll get the error:
“Daily limit exceeded. Please sign up”.
To solve this problem, you need to do the following:
- Visit the Google API Console here: https://code.google.com/apis/console/?api=plus
- Under the Services panel, make sure the Google+ API is turned “on”.
- In the APIs console, click API Access in the left menu.
- Copy the API key presented towards the bottom.
- Include this API key in your HTTP request.
GOOGLE_ME_URL + "?access_token=" + authToken + "&key=" + MY_SIMPLE_API_KEY
Most of the newer Google APIs have quotas (like daily usage limits) and some even have billing support (where you get billed per API call). These quotas and billing are calculated per developer’s project, and not on a per-end-user basis, so Google needs to know which app to assign your API usage.
API clients using Google’s OAuth 2.0 are typically required to register and get a client ID and client secret.
This client ID and client secret are returned by the Google APIs console: code.google.com/apis/console.
You then use these values in your application, and this identifies your app and allows Google to assign your API usage to your developer account/project.
In the AccountManger interface you’re using, there is no client ID passed by your app, so Google can’t identify which developer account/project’s quota to deduct for usage. It also doesn’t know that the API has been properly enabled (TOS accepted, etc) by you as a developer. That’s why it’s asking you to “please sign up” and saying the “Daily limit exceeded” (as the unregistered limit is zero requests for many APIs).
In this scenario, it is necessary for you to pass the “key” value as you did in order to access APIs with OAuth 2.0 tokens retrieved from the AccountManager.
Why don’t some of you try to go to the Google Console. In this way you will be able to have access to to the tools you need to rectify at least
403 forbidden problems. DMC
Generate a new auth token and secret for your application and try again.
That might solve your problem, but your daily retry limit might be exhausted…
I had the same issue you’re having.
You are using HTTP at the moment, but you are actually calling a the site over HTTPS. Either use a secure connection procedure or use the
You just need to enable Google+ API in console.