-
Notifications
You must be signed in to change notification settings - Fork 199
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous #216
Comments
We use WCF for the SOAP API, so that's a good point to start suspecting it as the source of problem. Chris, could you pls investigate this further? We may have to ask the .NET Core team if we get stuck. This is one thread that I found in the context, though that's about Negotiate v/s Anonymous or NTLM v/s Anonymous. https://stackoverflow.com/questions/15570108/the-http-request-is-unauthorized-with-client-authentication-scheme-negotiate. All the threads I have seen suggest that IIS configuration might be a factor. |
@Swapygit are you using a proxy to connect to the AdWords API servers? |
Hi @AnashOommen , We are not using proxy servers for connecting google adwords api. Thanks |
Hi @AnashOommen @christopherseeley Any update on this. Thanks |
Digging a bit into WCF it looks like this is thrown when you get a 401 response. So the question is when is this 401 happening and why. Can you share some more details about your OAuth2 process? Are you using another library for the mobile application auth flow? What is the 'server token' in the context of the OAuth2 steps outlined here: |
Hi Chris, Thanks for your reply here. We are using web app flow. Let me describe my current flow User click connect adwords button in our app (App is build on ionic cardova.) library version of googleplus plugin is cordova.system.library.4=com.google.android.gms:play-services-auth:+ After successful login this plugin return following response obj.userId // user id obj.givenName // 'Eddy' obj.imageUrl // 'http://link-to-my-profilepic.google.com' obj.idToken // idToken that can be exchanged to verify user identity. obj.serverAuthCode // Auth code that can be exchanged for an access token and refresh token for offline access obj.accessToken // OAuth2 access token Using obj.serverAuthCode we start account linking process. Now for all users its working properly , but for some we are getting error in Google.Api.Ads.AdWords.v201809.CustomerService.getCustomers() method. |
Thanks for all the context! The method there will attempt to refresh the access token if it's expired, so it may still be a problem at the OAuth level - do your logs show what URL caused this error? Do you have a stack trace? |
Apology for the delayed response on this thread. We recently got this error. Below is the stack trace and URL which caused this error. Message: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'OAuth realm="https://accounts.google.com/OAuthGetRequestToken"'. let me know if you need more information. |
Can I get any updates on this please |
Hey folks, could someone take a look at this case please? |
I took another look and I still suspect (per #216 (comment)) that this is a general OAuth 401 that is bubbling up in an unusual way. @Swapygit is this happening for new users, or existing ones? How do you handle OAuth refresh token invalidations? If this is a 401 from OAuth it could be that the user revoked access and you need to re-auth. |
Hi @christopherseeley , We are facing this issue intermittently for some users who try to link under our mcc using the mobile app. Could you elaborate on this. I didn't get your point here. |
Since you're using the Web flow, the refresh token may stop working for a number of reasons: If this happens you need to have the user go through the original auth flow again to grant access and store a new refresh token. To test this, you could sign in to your app with a test account, then revoke access for your app here: |
Thanks for the revert here. We will ask our QA/Testing team to do the same and will revert if any further help is required. |
Hi @christopherseeley , Yes, we are using web flow, but we are using the asp.net web api 2 in the back end and in front end we have a mobile where the user is given the consent screen to allow permissions to the app. After the user allows the permission the front end hits the back end web api with the server auth code After that we fetch the access token for the google apis And then we are getting the error at below line Customer[] cst = service.getCustomers(); So I don't think so, the reasons mentioned in the link https://developers.google.com/identity/protocols/oauth2#expiration would affect it in any way. Could you please look into this and revert me. Many Thanks |
Any update on this |
Hi, To help us debug, could you share a small working demo that reproduces the error? Thanks |
Hi Team,
I am trying to link to google adwords account using Oauth2 in C# .net . However, I am getting the following error,
MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'OAuth realm="https://accounts.google.com/OAuthGetRequestToken"'. [Returned while handling POST Request]
I had a communication regarding this with the google adwords support team. They had following reply for this
It looks like the issue is specific to the client library that you're using. Could you please post your concern on the Github issue tracker so the library owners can assist you on this
Kindly suggest what can I do to resolve the exception
Please find the below details regarding the issue which will help you to find the root cause.
We are not using WCF service.We are not using Google Ads Api. We are using Google Adwords API v201809.
Please find below the steps we are following.
We are using ASP.NET MVC Web API. We have a mobile app where user clicks on Connect to google adwords. When the user clicks the button he is redirected to google sign in page and after sign in it is re directed to the back end MVC web API along with the server token. We use this server token and fetch the customer using the service.getCustomers() method of the Google AdWordsService.v201809.CustomerService.
Please find the below code we have used
Customer c = new Customer();
And according to our error logs we are getting the error on the line
Customer[] cst = service.getCustomers();
Also, this error does not occur for all the users. Suppose, out of 100 we are get this error 1 or 2 customer.
If the error was due to code, then it should have occurred for all the users. But that's not the case.
Looking forward for your response.
Thanks.
Swapnil
The text was updated successfully, but these errors were encountered: