Google Service Account Http Error 500 with Python

Question

This seems like relatively straightforward code accessing a Google API endpoint with a Service Account- but I am getting Http Error 500

It works fine with the Tasks API, same authentication.

My source code:

import httplib2
import pprint
import sys

from apiclient.discovery import build
from oauth2client.client import SignedJwtAssertionCredentials

f = file('key.p12', 'rb')
key = f.read()
f.close()

credentials = SignedJwtAssertionCredentials(
'403695561042-6ntna04usrl5sscg3ovij6t4d8vfvsqp@developer.gserviceaccount.com',
key,
scope='https://www.googleapis.com/auth/apps.order.readonly')

http = httplib2.Http()
http = credentials.authorize(http)
service = build("reseller", "v1", http=http)
lists = service.subscriptions().list().execute(http=http) 
print lists

Response:

HttpError: <unprintable HttpError object>

Traceback:

Traceback (most recent call last):
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1701, in __call__
    return self.wsgi_app(environ, start_response)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1689, in wsgi_app
    response = self.make_response(self.handle_exception(e))
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1687, in wsgi_app
    response = self.full_dispatch_request()
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1360, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1358, in full_dispatch_request
    rv = self.dispatch_request()
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1344, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/Users/admin/Sites/newmind/reseller-api/app.py", line 79, in index
    lists = service.subscriptions().list().execute(http=http)
  File "build/bdist.macosx-10.8-intel/egg/oauth2client/util.py", line 120, in positional_wrapper
    return wrapped(*args, **kwargs)
  File "build/bdist.macosx-10.8-intel/egg/apiclient/http.py", line 678, in execute
    raise HttpError(resp, content, uri=self.uri)

Copied the code directly from the Google Sample, just changed the name of the service and authentication. http://code.google.com/p/google-api-python-client/source/browse/samples/service_account/tasks.py The tasks API returns http 200 with the same credentials.

When I use a pretty standard httplib2 request, here's the response I am getting:

WARNING:oauth2client.util:new_request() takes at most 1 positional argument (2 given)
    {'status': '500', 'content-length': '52', 'x-xss-protection': '1; mode=block', 'x-content-type-options': 'nosniff', 'expires': 'Sat, 20 Oct 2012 06:25:19 GMT', 'server': 'GSE', '-content-encoding': 'gzip', 'cache-control': 'private, max-age=0', 'date': 'Sat, 20 Oct 2012 06:25:19 GMT', 'x-frame-options': 'SAMEORIGIN', 'content-type': 'application/json; charset=UTF-8'}
    {
     "error": {
      "code": 500,
      "message": null
     }
    }

Answer 1

Somewhat of a long shot, but have you turned on the Reseller API in your project console? I remember having a similar issue when attempting to access a service other than the one I had initially used.

Edit: Per the comments below, an alternative solution was to use the Flow and set the access_type to offline to allow the token to be refreshed without requiring the user to constantly reauthenticate.

Answer 2

Without using the flow the following can be done:

The error you are getting is due the fact that you have a) authenticated to the API correctly but b) the user that you are using does not have access to the account that you are trying to access.

I had this same problem, it was resolved by adding the OAuth2 service account email address to the Analytics account's users.

For each account you'll wanted to access, you will have to add this separately.