4

I've been working on this for over a day so now asking for help! I'm trying to write an iOS app that authenticates using a google service account in order to access Google storage.

I can't get beyond this error which occurs at the authoriseRequest and when trying to create a bucket.

Error Domain=com.google.GTMOAuth2 Code=-1001 "The operation couldn’t be completed. (com.google.GTMOAuth2 error -1001.)" UserInfo=0x15640740 {request= { URL: https://www.googleapis.com/rpc?prettyPrint=false }}

It's my first time working with the google objective c libraries and almost all of the examples that I've found online, and in stackOverflow are aimed at using GTMOAuth2ViewControllerTouch, but I'm not authenticating from the user

So far, I've gotten this.

Before my init .. 

static GTLServiceStorage *storageService = nil;
static GTMOAuth2Authentication *auth;

In my init .. 

auth = [ GTMOAuth2SignIn standardGoogleAuthenticationForScope:@"kGTLAuthScopeStorageDevstorageFullControl" clientID:@"my_client_id.apps.googleusercontent.com" clientSecret:@"my_client_secret"];
auth.redirectURI = @"urn:ietf:wg:oauth:2.0:oob";
// inititialising the auth token
[auth authorizeRequest:nil  delegate:self didFinishSelector:@selector(authentication:request:finishedWithError:)];

// init googleStorage Backend service.
if (!storageService) {
    storageService = [[GTLServiceStorage alloc] init];
    storageService.additionalHTTPHeaders = @{@"x-goog-project-id": @"my_project_id", @"Content-Type": @"application/json-rpc", @"Accept":
                                                 @"application/json-rpc"};
    storageService.authorizer = auth;
    storageService.retryEnabled = YES;
}

And in a method to create a bucket for example..

// Create a GTLStorageBucket.
GTLStorageBucket* bucket = [[GTLStorageBucket alloc] init];
bucket.name = @"myBucketName";
// Create the query
GTLQueryStorage *query = [GTLQueryStorage queryForBucketsInsertWithObject:bucket project:@"myGoogleProjectID"];
[storageService executeQuery:query completionHandler:^(GTLServiceTicket *ticket, GTLStorageBucket  *object, NSError *error) {
    NSLog(@"bucket %@", object);
}];

My question is, am I using the gtmoauth2 library correctly for a service account authentication, and if so am I missing something obvious in my parameters or my initialisation.

Thanks

myagi
  • 71
  • 5
  • Did you ever find out? – Sti May 23 '15 at 14:54
  • @sti I'm afraid I actually don't have access to that codebase any more, but I'm pretty sure I didn't solve this and ended up abandoning using GTLQueryStorage – myagi May 28 '15 at 08:38
  • Google service account authentication normally requires a certificate, if I am not mistaken. Client ID / client secret is not enough. However, I cannot find an interface for specifying a certificate in the gtm-oauth2 library. Does anyone know? Perhaps one is supposed to use objects from the standard Apple security framework? – Otto G Sep 02 '15 at 13:39

2 Answers2

0

The problem may be that kGTLAuthScopeStorageDevstorageFullControl is a const, and by putting it inside @"", you are creating an NSString that is literally "kGTLAuthScopeStorageDevstorageFullControl", which is not equivalent to the const value that method is likely expecting.

Mike
  • 9,765
  • 5
  • 34
  • 59
user3988171
  • 1
0

Unfortunately, according to the discussion group, there is no support for service accounts in the Google API Objective C library, as the Objective C library is intended only for building client applications:

https://groups.google.com/forum/#!topic/gtm-oauth2/fWzElFvKdEU

Otto G
  • 670
  • 7
  • 14