Troubleshooting 401 with GoogleLogin Authorization header
I was writing a small script to retrieve some data from Google Finance using the relevant Google Data API. I’m writing a stand-alone, desktop application and have therefore used the ClientLogin username and password authentication. The login worked fine, I was receiving HTTP status 200 and the appropriate response with the authentication token. Yet any subsequent attempt to use the Data API (to insance to retrieve the portfolio data) failed with HTTP 401 Token Invalid error.
It turned out hat the cause of getting the 401 error was in the way I set up the Authorization header sent with my requests. Unlike with AuthSub Authorization header used for web applications, the token value for ClientLogin authentication must not be enclosed in (double-)quotes. This is a mistake easy to make when switching from AuthSub to ClientLogin, resulting in HTTP status 401 reply for any Data API request. Remove the quotes around the token and the Data API request will work fine.
A small sample:
#!/bin/bash
if [ -e ClientLogin ]
then
rm ClientLogin
fi
wget --no-check-certificate --post-file=post.txt \
https://www.google.com/accounts/ClientLogin
TOKEN=`cat ClientLogin | grep Auth | \
sed "s#Auth=##" | xargs echo -n`
wget --header="Authorization: GoogleLogin auth=${TOKEN}" \
http://finance.google.com/finance/feeds/default/portfolios
where post.txt is something like:
POST /accounts/ClientLogin HTTP/1.0 Content-type: application/x-www-form-urlencoded accountType=HOSTED_OR_GOOGLE&Email=__EMAIL__&Passwd=__PASSWD__ &service=finance&source=yken.org-learningGoogleAPI-0.1
Replace __EMAIL__ and __PASSWD__ with appropriate value. When the script is finished, you will have the relevant portfolio information saved in the “portfolio” file.