1

I created a service account to use Google chat (not bot) from a local java client. My objective is to migrate flowdock data to Google chat.

I tried different means to get access token using service account and looked at several docs and forums...

Certificate is loaded with all certificate informations. But access token stays null.

public class ChatScopes {
static final String CHAT_SPACES = "https://chat.googleapis.com/v1/spaces";
static final String CLOUD_AUTH = "https://www.googleapis.com/auth/cloud-platform";
static final String CHAT_MESSAGES = "https://www.googleapis.com/chat.messages.create";
static final String CHAT_SPACES_2 = "https://www.googleapis.com/chat.spaces.create";
static final List<String> scopes = Lists.newArrayList(
        ChatScopes.CLOUD_AUTH, 
        ChatScopes.CHAT_SPACES,
        ChatScopes.CHAT_SPACES_2, 
        ChatScopes.CHAT_MESSAGES);

}
...

GoogleCredentials credentials = GoogleCredentials
            .fromStream(AuthenticationService.class.getResourceAsStream(CERT_FILE))
            .createScoped(ChatScopes.scopes);

1.a

AccessToken token = credentials.refreshAccessToken(); // IOException: Error parsing token refresh response. Expected value access_token not found.

1.b

AccessToken token = credentials.getAccessToken(); // token is null

Update with example Service account##

GoogleCredential credentials = GoogleCredential
            .fromStream(AuthenticationService.class.getResourceAsStream(CERT_FILE_2))
            .createScoped(Collections.singleton(ChatScopes.CHAT_SPACES));

return new HangoutsChat.Builder(httpTransport, JSON_FACTORY, credentials )
            .setApplicationName(APP_NAME)
            .build();
            .build();

response when requesting using hangoutsChat because access token stays null (with or without calling refresh and/or getAccessToken)
GET https: //chat.googleapis.com/v1/spaces

{
"code": 401,
"details": [
    {
        "@type": "type.googleapis.com/google.rpc.ErrorInfo",
        "reason": "CREDENTIALS_MISSING"
    }
],
"errors": [
    {
        "domain": "global",
        "location": "Authorization",
        "locationType": "header",
        "message": "Login Required.",
        "reason": "required"
    }
],
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status": "UNAUTHENTICATED"

}

Mike
  • 121
  • 1
  • 5
  • Have you tested the example from the documentation on OAuth 2.0 Java [Service accounts](https://developers.google.com/api-client-library/java/google-api-java-client/oauth2#service_accounts)? – Kessy Jun 29 '22 at 10:46
  • yes this one gives me 401 json response because access token stays null (with or without calling refresh and/or getAccessToken – Mike Jun 30 '22 at 11:20

1 Answers1

0

It seems we need some clean code crafting here. The error came in fact from wrong scopes declaration. Adding chat bot (why as I don't need bot ?) made me advance.

Scopes

public class ChatScopes {
static final String CLOUD_SCOPE = "https://www.googleapis.com/auth/cloud-platform";
static final String CHAT_SCOPE = "https://www.googleapis.com/auth/chat";
static final String CHAT_BOT_SCOPE = "https://www.googleapis.com/auth/chat.bot";
static final List<String> scopes = Lists.newArrayList(
    CLOUD_SCOPE,
    CHAT_SCOPE,
    CHAT_BOT_SCOPE);
Mike
  • 121
  • 1
  • 5