I try to get data from GA using java libs and service account. I`ve made all required settings: activate Analytics API in Cloud console, generate service account, get private key, add generated developer e-mail with read rights in GA user management.
With my local implementation this works fine. But when I try to run same code from server side I receive status "401 Unauthorized Login Required". Both implementations use Java 5 runtime, Google API services Java libs version 1.17.0 rev75.
The code snippet with credentials definition:
HttpTransport HTTP_TRANSPORT = new NetHttpTransport();
JsonFactory JSON_FACTORY = new JacksonFactory();
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(HTTP_TRANSPORT)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId("xxx@developer.gserviceaccount.com")
.setServiceAccountScopes(Arrays.asList(AnalyticsScopes.ANALYTICS_READONLY))
.setServiceAccountPrivateKeyFromP12File(new File("privatekey.p12"))
.build();
The Analytics object and query builder:
Analytics analytics = new Analytics.Builder(HTTP_TRANSPORT, JSON_FACTORY, credential)
.setApplicationName("MyApp")
.build();
Get apiQuery = analytics.data().ga().get("ga:123", "2013-12-09","2013-12-09", "ga:visits");
HttpResponse response = apiQuery.executeUnparsed();
I`ve added httpLogger to compare traffic. I see that in case of local and server runs the authorization flow is same, no problems with getting access token.
With local run I`ve received response with status 200:
CONFIG: -------------- RESPONSE --------------
HTTP/1.1 200 OK
Alternate-Protocol: 443:quic
ETag: "xxxx"
Date: Mon, 30 Dec 2013 13:12:32 GMT
Content-Type: application/json; charset=UTF-8
X-Content-Type-Options: nosniff
Cache-Control: private, max-age=0, must-revalidate, no-transform
Content-Length: 1728
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Expires: Mon, 30 Dec 2013 13:12:32 GMT
X-Frame-Options: SAMEORIGIN
Server: GSE
{JSON BODY}
But with server run I`ve recieved response with status 401:
CONFIG: -------------- RESPONSE --------------
401 Unauthorized
date: Mon, 30 Dec 2013 13:17:32 GMT
alternate-protocol: 443:quic
server: GSE
www-authenticate: Bearer realm="https://www.google.com/accounts/AuthSubRequest"
transfer-encoding: chunked
expires: Mon, 30 Dec 2013 13:17:32 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private, max-age=0
{"error":{"errors":[{"domain":"global","reason":"required","message":"Login Required","locationType":"header","location":"Authorization"}],"code":401,"message":"Login Required"}}
Could anybody help me? I`ve really checked everything I know but no luck.
EDIT Does anybody know if delegation of domain-wide authority to service account is relevant to Google Analytics API?
Best regards, Sergey.
The problem has been resolved by changing transport to ApacheHttpTransport class.
But it will be quite useful to get to know whats wrong with NetHttpTransport.
Regards, Sergey.