Making an OAuth signed POST request over SSL from app engine

Question

Ran into an interesting issue with google app engine (on the java runtime). From within an app engine task/view, I'm attempting to contact an external webservice API.

The external API uses OAuth for authentication and only accepts requests over SSL. The particular method I'm calling is a POST request.

Option 1: Use the AppEngine URLFetch Service. However, I don't see a way to do the OAuth signing. URL Fetch uses the java.net HttpURLConnection, which streams it's requests, precluding signing. My go-to java OAuth library is oauth-signpost, but it doesn't support java.net for this reason. Is there an OAuth library that is compatible with HttpURLConnection?

Option 2: Use another URL fetching library. My favorite HTTP library is the apache commons HTTP library. However, this causes a problem when using SSL, since javax.ssl is prohibited by the app engine sandbox. I get the following error attempting to use the apache library over SSL:

java.lang.NoClassDefFoundError: javax.net.ssl.KeyManagerFactory is a restricted class. Please see the Google App Engine developer's guide for more details.
at javax.net.ssl.KeyManagerFactory.<clinit>(KeyManagerFactory.java)
at org.apache.http.conn.ssl.SSLSocketFactory.createSSLContext(SSLSocketFactory.java:223)

I assume because you can't open sockets directly.

This is all a sad confluence of OAuth / POSTs / SSL / App engine which I don't quite see a way out of. Would love to hear any and all suggestions =)

Answer 1

1. google-oauth-java-client

2. HttpClient should work in AppEngine, if you use custom ConnectionManager that wraps UrlFetch. Details are here and here.