0
votes

I'm writing a mobile app as a thin client that fetches data from a server. I am using Google App Engine to host my backend and using all the services they offer. I am using Endpoints to expose my API. I found this tutorial to secure my API. I tested from the API explorer and everything worked fine. If I am not using OAuth 2, I cannot use the API. However, when I investigate the HTTP headers, I don't find the "authorization: bearer" line that would be holding the one-time token used to authenticate and authorize the API call. Now I'm doubting whether I did something correctly, because normally I should see this line. There is a screenshot of my call, with the request showing that it was executed although the line I pointed out earlier is not there. There are also pieces of my code, which was partially generated by Android Studio.

    @ApiMethod(
            name = "get",
            path = "offer/{id}",
            httpMethod = ApiMethod.HttpMethod.GET)
    public Offer get(@Named("id") long id, User user) throws NotFoundException, UnauthorizedException {

        // Endpoints passes a null User when the request carries no valid OAuth credential.
        if (user == null) throw new UnauthorizedException("User is Not Valid");

        logger.info("Getting Offer with ID: " + id);
        Offer offer = ofy().load().type(Offer.class).id(id).now();
        if (offer == null) {
            throw new NotFoundException("Could not find Offer with ID: " + id);
        }
        return offer;
    }

Any clue about why the line containing the token is missing?


1 Answer

0
votes

You might wish to log user.getUserId(), user.getNickname(), and user.getEmail() to see what's going on.

I think there are cookies and other means by which auth info is stored, as I rarely have to log in twice to a website.
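One way to act on the logging suggestion above while also recording whether an `Authorization` header reached the backend, without writing the token itself to the log. This is an added example, not code from the original post or answer; the class and method names are hypothetical, and it assumes the header value is obtained in the endpoint from an `HttpServletRequest` parameter (for example `req.getHeader("Authorization")`).

```java
import java.util.Locale;

// Added example: summarises an Authorization header for logging without
// writing the credential itself to the log. All names here are hypothetical.
public class AuthHeaderDiagnostics {

    /** Returns a log-safe description of an Authorization header value. */
    static String describe(String header) {
        if (header == null || header.trim().isEmpty()) {
            return "no Authorization header received";
        }
        // Split "<scheme> <credential>" on the first run of whitespace.
        String[] parts = header.trim().split("\\s+", 2);
        String scheme = parts[0].toLowerCase(Locale.ROOT);
        if (parts.length < 2) {
            return "scheme=" + scheme + " with no credential";
        }
        String credential = parts[1];
        // Three dot-separated segments is the JWT shape; anything else is reported as opaque.
        String shape = credential.split("\\.", -1).length == 3 ? "jwt-like" : "opaque";
        return "scheme=" + scheme + " credential=" + shape + " length=" + credential.length();
    }

    /** Formats the identity fields the answer suggests logging. */
    static String describeUser(String userId, String nickname, String email) {
        return "userId=" + userId + " nickname=" + nickname + " email=" + email;
    }

    public static void main(String[] args) {
        // Constructed sample header values, not real tokens.
        String[] samples = {
            null,
            "Bearer",
            "Bearer sample-opaque-token-value",
            "Bearer aaaa.bbbb.cccc",
            "Basic c2FtcGxlOnNhbXBsZQ=="
        };
        for (String s : samples) {
            System.out.println(describe(s));
        }
        // In the endpoint these would be user.getUserId(), user.getNickname(), user.getEmail().
        System.out.println(describeUser("constructed-id", "sample", "sample@example.com"));
    }
}
```

Logging only the scheme, shape and length keeps the bearer credential out of application logs, where it could otherwise be read and replayed by anyone with log access.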