1

I'm trying to access my appengine backend, built using cloud endpoints in python, from my android client - using authentication.

Authentication is working fine from the api explorer.

On the android side, I'm using the credentials/account picker method described here: https://developers.google.com/appengine/docs/python/endpoints/consume_android

But I get the following in the appengine log when accessing from an android client:

"Oauth framework user didn't match oauth token user."

And before that there's this warning:

"id_token verification failed: Unable to load pycrypto library. Can't verify id_token signature. See http://www.pycrypto.org for more information on"

Kai Stavginski
  • 549
  • 4
  • 9
  • To help anybody else that might end up here - I fixed the same error (but not Android related - was rolling my own OAuth authentication) with two things: 1. Change App Engine's Google Authentication setting to "Google Accounts API", not "Google Apps Domain", and 2. Use the HTTP header 'Authorization: Bearer " instead of the "?access_token=" query string parameter. – Joseph Mansfield Apr 22 '15 at 23:12

1 Answers1

4

When you are accessing GAE app with cloud endpoints from android client, it will be using ID tokens. So if you are getting the warning Oauth framework user didn't match oauth token user , then you must be seeing some failure in id_token verification and seeing some warning like id_token verification failed. Checking for oauth token. Please check if your endpoints.get_current_user() method is returning None in this case and then check for any errors in your authentication part.

This post explains ID tokens in detail and this post explains the limitations in knowing User_id when using ID tokens and the possible workarounds

EDIT: : Find below the final solution based on Kai Stavginski's suggestions

As suggested, oauth framework warning is seen when there is some error in id_token verification. So as per the modified question, the log has id_token verification failed: Unable to load pycrypto library This requires pycrypto library to be added to app.yaml and then id_token failure will be resolved and there will be no oauth related warning.

Community
  • 1
  • 1
tony m
  • 4,769
  • 1
  • 21
  • 28
  • you definitely let me in the right direction.. i failed to mention that I was getting this warning: id_token verification failed: Unable to load pycrypto library. Can't verify id_token signature. Since it kept going after that, I didn't realize that this was the real problem. I'll edit my question to reflect this. – Kai Stavginski Jun 30 '13 at 19:45
  • 1
    The specific solution was to add the pycrypto library to app.yaml - doh. Want to edit your answer to reflect that? – Kai Stavginski Jun 30 '13 at 19:50
  • nice to know the issue is resolved and i could be of any help. i have updated the answer to include your final solution so that this post could be a useful reference – tony m Jun 30 '13 at 20:02