0

I am working on an App Engine server which has currently 2 modules. I have the default module used for endpoints and the sync module. This second module is used for syncing my server with another. So my sync module gets data from other servers and has to send it to the default module using endpoints. To do this, I generated endpoints_client_library and added the library to my sync module. I tried a lot of cases but I can't communicate my endpoints properly. Each times I got errors like "401 Unauthorized".

So I don't know if it's the right way to use the generated endpoints client library on my server or if there is another solution, maybe simplier...

I just want to send data from my sync module to the default.

If you need some code, even if it is not very complete and not working at all, just say and I will.

The URLFetch code I'm using:

AppIdentityService appIdentity = AppIdentityServiceFactory.getAppIdentityService();
AppIdentityService.GetAccessTokenResult accessToken = appIdentity.getAccessToken(Collections.singleton(scope));



URLFetchService fetcher = URLFetchServiceFactory.getURLFetchService();
FetchOptions options = FetchOptions.Builder.doNotFollowRedirects().disallowTruncate();
HTTPRequest request = new HTTPRequest(url, HTTPMethod.GET, options);

HTTPHeader userAgent = new HTTPHeader("User-Agent", "AppEngine-Google; (+http://code.google.com/appengine; appid: appId)");
request.addHeader(userAgent);
HTTPHeader autho = new HTTPHeader("Authorization", "OAuth "+accessToken.getAccessToken());
request.addHeader(autho);
HTTPHeader contentType = new HTTPHeader("Content-Type", "application/json");
request.addHeader(contentType);

HTTPResponse response = fetcher.fetch(request);

int code = response.getResponseCode();
String resp = new String(response.getContent());

System.out.println(code);
System.out.println(resp);

And the result:

401

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "required",
    "message": "{\"class\":\"com.domain.server.cloud.CloudException\",\"code\":2}",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "{\"class\":\"com.domain.server.cloud.CloudException\",\"code\":2}"
 }
}
Harshal Patil
  • 6,284
  • 8
  • 37
  • 55
Kyu_
  • 790
  • 4
  • 9
  • 18

1 Answers1

2

Follow the general guidelines for Communication between Modules in App Engine Modules in Java. After the second code example it says you could also use the URL Fetch Service for an asynchronous flow control.

For security the document continues with advice for the called module (your endpoints) to authenticate the request. The manual or basic scaling admin login solution will generally not work because automatic scaling is the default. The Inbound-AppId header would be a very simple and safe choice in your scenario.

Just as you are willing to add more details to your question, I am happy to try to add more details to this answer.

Martin Berends
  • 3,450
  • 2
  • 14
  • 19
  • Yes, I have read this page. I also tried to use URLFetch to communicate between modules, the problem is that I always have an authorization error. On the sync module, I have a logged user, but I can't send it to the default module by URLFetch, I mean I haven't found how to do... – Kyu_ Mar 13 '14 at 16:11
  • I understand. The security suggestions may enable you to do the URL Fetch without that logged user id, in other words anonymously but still secure. Then you could pass the logged user id as simply data instead of as credentials. – Martin Berends Mar 13 '14 at 16:31
  • Unfortunately, endpoints on the appengine server require logged user in any case. And this is the problem... I will add my URLFetch code in the main post. – Kyu_ Mar 13 '14 at 16:38
  • What happens if you go anonymous by commenting out request.addHeader(autho) ? – Martin Berends Mar 13 '14 at 16:56
  • Same thing... 401, require authorization :/ – Kyu_ Mar 14 '14 at 09:13
  • Just for your information, I executed the request with the API Explorer and get the Bearer token used for. And then I used this token in my UrlFetch ("Authorization: Bearer _THE_TOKEN_") and it worked. So it means that the problem comes from my tokens, they're not valid... I have no idea how to resolve it. – Kyu_ Mar 14 '14 at 14:41