0
votes

I am creating an API using Google Cloud Endpoints, which needs to use the Google Drive API on the backend. I am able to require an authenticated user by adding a User parameter like so:

    import com.google.api.server.spi.config.ApiMethod;
    import com.google.api.server.spi.config.ApiMethod.HttpMethod;
    import com.google.api.server.spi.config.Named;
    import com.google.api.server.spi.response.BadRequestException;
    import com.google.api.server.spi.response.ForbiddenException;
    import com.google.api.server.spi.response.NotFoundException;
    import com.google.appengine.api.users.User;
    import com.google.api.services.drive.Drive;

    @ApiMethod(name = "folders.get", httpMethod = HttpMethod.GET)
    public Folder getFolder(@Named("id") String id, User user) throws NotFoundException, ForbiddenException, BadRequestException {
        // Endpoints injects the caller; null means no valid OAuth token was presented.
        if (user == null) {
            throw new ForbiddenException("You must authenticate to use this API.");
        }

        Drive service = Utils.createDriveFromUser(user);
        // ... rest of the method not shown in the question

The problem comes in when I try to make requests to other Google APIs using the user parameter.

createDriveFromUser is essentially the stock OAuth sample code:

    AuthorizationCodeFlow authFlow = Utils.initializeFlow();
    // loadCredential returns null when nothing is stored under this user ID.
    Credential credential = authFlow.loadCredential(user.getUserId());
    Drive service = new Drive.Builder(Utils.HTTP_TRANSPORT,
            Utils.JSON_FACTORY, credential).build();

The above code works for making requests following the "normal" OAuth flow. I have a servlet which runs that method and is able to successfully make authenticated calls to the Drive API. When I try testing my API method, however, I get a 403:

{
    "domain" : "usageLimits",
    "message" : "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
    "reason" : "dailyLimitExceededUnreg",
    "extendedHelp" : "https://code.google.com/apis/console"
}

Because of the way that endpoints authentication works on the local dev server (always returning the [email protected] user instead of a user I could actually make real API calls with) I have been deploying the application to test it. If there's a better way I'm all ears, that workflow sucks.

What am I missing with the authentication within an endpoints API?


1 Answer

1
votes

You need to add the appropriate scopes, audiences and clientIds on your ApiMethod annotation.

Also, are you testing your app on localhost?

Per the Cloud Endpoints OAuth docs, it seems that the user on the dev server is a "User object with email set to "[email protected]" and user ID set to 0 regardless of whether or not a valid OAuth request was made".
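To make the answer concrete, here is an added example (written for this page, not code from the question or from Google's Endpoints samples) of an Endpoints API class that declares scopes, clientIds and audiences, rejects callers Endpoints did not authenticate with a 401, and checks that a stored Drive credential actually exists before building the Drive client. The class name FolderApi, the Folder return type, the loadStoredCredential helper, the email-keyed credential store and the WEB_CLIENT_ID / CLIENT_SECRET placeholders are all assumptions; replace them with your own project's values.

```java
import java.io.IOException;
import java.util.Collections;

import com.google.api.client.auth.oauth2.Credential;
import com.google.api.client.extensions.appengine.datastore.AppEngineDataStoreFactory;
import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow;
import com.google.api.client.googleapis.json.GoogleJsonResponseException;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.api.server.spi.Constant;
import com.google.api.server.spi.config.Api;
import com.google.api.server.spi.config.ApiMethod;
import com.google.api.server.spi.config.ApiMethod.HttpMethod;
import com.google.api.server.spi.config.Named;
import com.google.api.server.spi.response.NotFoundException;
import com.google.api.server.spi.response.UnauthorizedException;
import com.google.api.services.drive.Drive;
import com.google.api.services.drive.DriveScopes;
import com.google.api.services.drive.model.File;
import com.google.appengine.api.users.User;

// Hypothetical API class. Endpoints only accepts bearer tokens that were issued to
// one of the listed clientIds, carry one of the listed audiences and at least one
// of the listed scopes; tokens from any other OAuth client yield a null User.
@Api(name = "folders", version = "v1",
     clientIds = {FolderApi.WEB_CLIENT_ID, Constant.API_EXPLORER_CLIENT_ID},
     audiences = {FolderApi.WEB_CLIENT_ID},
     scopes = {FolderApi.EMAIL_SCOPE, DriveScopes.DRIVE_READONLY})
public class FolderApi {
    public static final String WEB_CLIENT_ID = "REPLACE-ME.apps.googleusercontent.com"; // placeholder
    public static final String CLIENT_SECRET = "REPLACE-ME";                            // placeholder
    public static final String EMAIL_SCOPE = "https://www.googleapis.com/auth/userinfo.email";

    private static final HttpTransport HTTP_TRANSPORT = new NetHttpTransport();
    private static final JsonFactory JSON_FACTORY = new JacksonFactory();

    // Minimal stand-in for the question's Folder type, which is not shown.
    public static class Folder {
        public String id;
        public String title;
    }

    @ApiMethod(name = "get", httpMethod = HttpMethod.GET)
    public Folder getFolder(@Named("id") String id, User user)
            throws UnauthorizedException, NotFoundException, IOException {
        // No injected User means the token failed the clientIds/audiences/scopes
        // check above (or none was sent): answer 401, not 403.
        if (user == null) {
            throw new UnauthorizedException("Sign in with a registered client.");
        }

        // The Drive grant was stored by the separate web OAuth flow. Assumption:
        // that flow keyed the store by email, so look it up under the same key.
        Credential credential = loadStoredCredential(user.getEmail());
        if (credential == null) {
            // A Drive client built with a null Credential sends no access token at
            // all, which Drive reports as the "Daily Limit for Unauthenticated Use
            // Exceeded" 403 quoted in the question. Fail closed instead.
            throw new UnauthorizedException("No Drive authorization stored; complete the OAuth flow first.");
        }

        Drive drive = new Drive.Builder(HTTP_TRANSPORT, JSON_FACTORY, credential)
                .setApplicationName("folders-api").build();
        try {
            File f = drive.files().get(id).execute();
            if (!"application/vnd.google-apps.folder".equals(f.getMimeType())) {
                throw new NotFoundException("Not a folder: " + id);
            }
            Folder folder = new Folder();
            folder.id = f.getId();
            folder.title = f.getTitle();
            return folder;
        } catch (GoogleJsonResponseException e) {
            // Map Drive's 404 to this API's 404; let anything else surface as a 500.
            if (e.getStatusCode() == 404) {
                throw new NotFoundException("No folder with id " + id);
            }
            throw e;
        }
    }

    // Same flow configuration as the web servlet, so both read one
    // datastore-backed credential store.
    static Credential loadStoredCredential(String key) throws IOException {
        GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
                HTTP_TRANSPORT, JSON_FACTORY, WEB_CLIENT_ID, CLIENT_SECRET,
                Collections.singleton(DriveScopes.DRIVE_READONLY))
                .setDataStoreFactory(AppEngineDataStoreFactory.getDefaultInstance())
                .setAccessType("offline")
                .build();
        return flow.loadCredential(key); // null when this user never granted Drive access
    }
}
```

The two null checks separate the two failure modes the question conflates: Endpoints refusing the caller's token (user is null) versus the caller being known to Endpoints but having no Drive grant on file (credential is null). Only the second produces the unauthenticated-use 403 from Drive, and checking for it up front stops the API from ever issuing a tokenless request to Google on a user's behalf.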