Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FileCredentialStore failing on Windows #55

Closed
wonderfly opened this issue Jan 9, 2015 · 7 comments
Closed

FileCredentialStore failing on Windows #55

wonderfly opened this issue Jan 9, 2015 · 7 comments
Assignees
Labels
🚨 This issue needs some love. triage me I really want to be triaged. type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns.

Comments

@wonderfly
Copy link
Contributor

From yan...@google.com on October 09, 2012 05:21:35

Version of google-oauth-java-client (e.g. 1.5.0-beta)? http://javadoc.google-oauth-java-client.googlecode.com/hg/1.11.0-beta/com/google/api/client/extensions/java6/auth/oauth2/FileCredentialStore.html https://groups.google.com/forum/?fromgroups=#!topic/google-api-java-client/HQzgKGyAMOU Java environment (e.g. Java 6, Android 2.3, App Engine)? Windows. Possibly others? Describe the problem. We're getting multiple reports of FileCredentialStore failing to set file permissions, throwing an IOException, and therefore not working at all. How would you expect it to be fixed? Need to investigate the most appropriate fix. One option is to simply log a warning instead of throwing an IOException.

Original issue: http://code.google.com/p/google-oauth-java-client/issues/detail?id=55

@wonderfly wonderfly added type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns. imported labels Jan 9, 2015
@wonderfly wonderfly self-assigned this Jan 9, 2015
@wonderfly
Copy link
Contributor Author

From aaron.ha...@gmail.com on October 09, 2012 05:59:11

Line 69 of FileCredentialStore.java ( https://code.google.com/p/google-oauth-java-client/source/browse/google-oauth-client-java6/src/main/java/com/google/api/client/extensions/java6/auth/oauth2/FileCredentialStore.java?spec=svn2c0510b314d24701810aa277f5d803a4368b2e20&r=2c0510b314d24701810aa277f5d803a4368b2e20#69 ) causes the new IOException to be thrown on Windows (tested on Windows 7). file.setReadable(false, false) returns false.

This does not fail on Linux (Ubuntu 12.04). This is currently a blocker for me as I need this operation to work on Windows. Is there a workaround?

@wonderfly
Copy link
Contributor Author

From david.bu...@machaira.com.au on October 09, 2012 07:01:01

@1, for a workaround you should probably look a little deeper into how the File.setReadable(boolean,boolean) method is implemented on Windows. Logically from the point of view of google-oauth-client, setting the permissions of a file containing credentials to "'everybody' cannot read this" makes a lot of sense.

From the Javadoc, File.setReadable() returns false when "the user does not have permission to change the access permissions of this abstract pathname". On NTFS, File.setReadable(false,false) would translate to something like "revoke read permission from everyone except OWNER" (or maybe except current user). Ergo, the user which is executing the JVM will need permissions to accomplish that. So can you fix that as part of your application's installation process? Also, does it work if you run your app 'as administrator'? Reading the source code of java/io/File.java may also be illuminating.

@wonderfly
Copy link
Contributor Author

From aaron.ha...@gmail.com on October 09, 2012 08:39:51

FileCredentialStore calls File.setReadable(false, false) and File.setExecutable(false, false), both of which return false on Windows, even when the process is granted admin privileges. FileCredentialStore needs to be more forgiving in this case. I don't disagree with the philosophy behind these file permissions that Google has implemented.

The workaround so far is not using a credential store, but this requires browser interaction every time. Another solution would be to home-brew a windows-friendly credential store, which would be unfortunate.

@wonderfly
Copy link
Contributor Author

From yan...@google.com on October 24, 2012 10:35:07

Changed it to just be a warning instead of throwing an IOException. To be honest, I don't have a Windows device to test this fix on, so I'd really appreciate it if you could check if it works for you.

Status: Fixed
Owner: yan...@google.com
Cc: ngmic...@google.com
Labels: -Priority-Medium -Milestone-Version1.13.0 Priority-High Milestone-Version1.12.0

@wonderfly
Copy link
Contributor Author

From aaron.ha...@gmail.com on October 25, 2012 07:36:19

Looks good. I am using maven to manage my dependencies. What version of the google-api-services-oauth2 artifact do I need to grab to test this change?

Forgot to mention before- in the meantime my workaround was manually putting the json credential file on the windows machine only containing
{"credentials":{}}
This way, it wouldn't bomb on creating the file.

@wonderfly
Copy link
Contributor Author

From derek48...@gmail.com on July 31, 2014 20:30:37

This is considered a fix?

@Subrata-cisco
Copy link

What we need the Input stream from the Json file, which we can get by
Path path = Paths.get("E:\Subrata\developement\mywork\everify\secret.json");
SeekableByteChannel sbc = Files.newByteChannel(path);
InputStream inn = Channels.newInputStream(sbc);

Then call GoogleClientSecrets clientSecrets =
GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(inn));

And all done for Windows testing !!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🚨 This issue needs some love. triage me I really want to be triaged. type: bug Error or flaw in code with unintended results or allowing sub-optimal usage patterns.
Projects
None yet
Development

No branches or pull requests

3 participants