I'm trying to make an authenticated call to a GAE endpoind method from a plain javascript environment (no gapi client), using the steps listed at: Google Accounts Authentication and Authorization

The code is resembling the implementation found in the googleAuth.js file from: Google Auth (OAuth 2.0) for Titanium.

The code is returning an access_token which is valid for getting user information from googleapis, using:

curl https://www.googleapis.com/plus/v1/people/me?access_token=ya29.iA...

However, when I'm trying to access a method from an endpoint configured with the same settings (client_id, client_secret) used to get the access_token, I'm receiving a null user parameter. The Authorization header is correctly received in method: "Bearer ya29.iA...".

  @ApiMethod(name = "listGreetingsAuth", path = "listGreetingsAuth")
  public ArrayList<Greeting> listGreetingAuth(HttpServletRequest request, User user) throws OAuthRequestException {
      	String text = null;
		if (user == null) {
		   UserService userService = UserServiceFactory.getUserService();
	       User user2 = userService.getCurrentUser();
	       if (user2 != null){
	           text = "cu:" + user2.getEmail();
	       }
	       else {
	    	   //throw new OAuthRequestException("Please authenticate!");
	    	   text = "Not authenticated: -" + request.getHeader("Authorization");
	       }
		}
		else {
			text = "tu:" + user.getEmail();
		}
    ...

Using the endpoint method from the web client (using gapi client.js) is correctly retrieving "tu:<<useremail>>".

I don't know what I'm missing. Isn't the access_token supposed to authenticate the user in the enpoind method?