Android ClientLogin Authentication - HTTPURLConnect

I have implemented an HTTPOperations class in Android that can successfully produce an HTTP POST request. This class extends AsyncTask so that it can run in the background.

This is used to create an HTTP request that authenticates with the Google Blogger service开发者_如何学JAVA using the ClientLogin method (detailed here: http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html )

Recently I have run into issues where I am getting a FileNotFoundException even if I enter the correct credentials. I'm completely puzzled as just a few days ago it was working fine with correct credentials and only returning a FileNotFoundException when I entered the wrong credentials.

My questions would be:

• Why is it returning a FileNotFoundException when I POST incorrect credentials - why does it not just return a string stating Error=BadAuthentication like it does when you access via a browser? https://www.google.com/accounts/ClientLogin

• Why am I experiencing issues now even with the correct credentials? It may be worth noting my HTTP POST is correct, I know because if I POST to the HTTP version of CLientLogin rather than the HTTPS one, I get the HTTP 302 Moved Temporarily error page.

My HTTPOperations class is built using HttpURLConnection class in Java, I then set the headers and method of this HttpURLConnection accordingly and open a DataOutputStream to write my POST request, I then open an InputStream to retrieve the response. This is where the exception is caught if credentials incorrect (and now if they are correct).

I must stress using a different method of authentication is not a useful solution, unfortunately I must continue using this ClientLogin. It is also extremely difficult to trace in packages like Wireshark due to the call being made over HTTPS.

If you would like any code, etc, please let me know.

I call into the class (which is a singleton) using:

AsyncTask<String,Void,String> requestResult = httpOp.execute("post","https://www.google.com/accounts/ClientLogin",postData,"true","");

A few notes:

1. ClientLogin is a legacy API and is being replaced by other protocols (OAuth). Google says:

   AuthSub and ClientLogin are Google's proprietary authorization APIs, available
   as an alternative to OAuth for most Google APIs. If possible, you should avoid
   using these services
   

2. There is a warning about ClientLogin that it might not work with all Google accounts.

3. Instead of rolling your own, there is a Google API Client Library for Java, which is a recommended way to access Google APIs.