I am adding the new Google+ signin button to my app and having some problems with making authenticated calls. I have included the HTML and JavaScript as described in the docs and the signin works. I can even see the access token. However, when I make a request to an authenticated endpoint I get an "invalid credentials" response. For example, I am attempting:

gapi.client.oauth2.userinfo.get().execute(function(resp){console.log(resp);});

I can make this call if I use the regular Google OAuth methods (gapi.auth.authorize()). What is going on here? What am I doing wrong?

I am requesting the userinfo.email and userinfo.profile scopes with the google+ button.

Html for G+ signin:

<span id="signinButton">
<span
 class="g-signin"
 data-callback="signinCallback"
 data-apppackagename="com.mypackage" 
 data-clientid="myclientID"
 data-cookiepolicy="single_host_origin"
 data-requestvisibleactions="http://schemas.google.com/AddActivity"
 data-scope="https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/devstorage.read_only https://www.googleapis.com/auth/plus.login">
</span>
</span>

JS included for G+ signin button (just before ):

(function() {
  var po = document.createElement('script');
  po.type = 'text/javascript';
  po.async = true;
  po.src = 'https://apis.google.com/js/client:plusone.js';
  var s = document.getElementsByTagName('script')[0];
  s.parentNode.insertBefore(po, s);
})();

callback for G+ button:

function signinCallback(authResult) {
  if (authResult['access_token']) { 
    signin();
  } else if (authResult['error']) {
     console.log('There was an error: ' + authResult['error']);
  }
}

Request for userprofile:

gapi.client.oauth2.userinfo.get().execute(function(resp) {console.log(resp);});

The request includes the Authorization header with a token(seen through chrome dev tools).

Update:

I have also attempted using gapi.auth.authorize() in immediate mode. This did not work for me and returned a null response. When I ran this with immediate mode set to false, I was presented with the authorization prompt (again, after authorizing with the G+ button). After this my authorized calls worked. Below is my code:

gapi.auth.authorize({client_id: 'myClientID', scope: 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/devstorage.read_only',
                immediate: mode, response_type: 'token id_token'}, callback);
Patrick Jackson
  • Can you post your code that you are using including the sign-in button code, the signin callback and the full OAuth request code? This will help us look into your problem. – BrettJ Mar 07 '13 at 16:32

3 Answers

2

I built a repro of your use case and documented it in this gist; it's working fine for me. Some other notes:

  • If you request plus.login, you shouldn't request userinfo.profile because it's included as part of plus.login and would create duplicate permissions in the authorization dialog. You can find more on this in the best practices section of the docs.

  • You should use data-apppackagename only to provide the package for a valid Android application, otherwise you might trigger 500 errors in the auth dialog.

Silvano
  • OK, thanks for the post. I will be working on this later. The 'data-apppackagename' is a valid android app, so I know that is not the issue. I will remove the user.profile and see if that gets me somewhere. – Patrick Jackson Mar 08 '13 at 13:08
  • Still not working for me...my code is almost identical to yours, the token is sent with the request, but I still get 'invalid credentials' – Patrick Jackson Mar 14 '13 at 20:29
1

The first thing to check is to make sure you're requesting the scopes that gapi.client.oauth2.userinfo is looking for. You can request additional scopes as part of the button.

Use the network console in something like Chrome to see if there is an Authorized: header passed along with the request and what it might be. If it isn't sent or is undefined, the token itself may not have been set, in which case you might need to set the auth token with gapi.auth.setToken() as documented at https://code.google.com/p/google-api-javascript-client/wiki/ReferenceDocs or just call gapi.auth.authorize in immediate mode with the same scopes, which should make sure it gets the token.

Prisoner
  • According to the G+ signin button docs you should not have to set the token manually. I will be checking this though. The scopes have been requested in the G+ signin button. – Patrick Jackson Mar 07 '13 at 16:25
  • Authorization header is included in the request – Patrick Jackson Mar 07 '13 at 16:30
  • I have tried using gapi.auth.authorize in immediate mode, and I still get an "invalid credentials" response. – Patrick Jackson Mar 07 '13 at 16:51
  • If the Authorization header is included, and this matches the token you get back, it very much sounds like you're missing scopes that you need. What scopes are you requesting as part of the button? – Prisoner Mar 07 '13 at 18:00
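
Added example, not part of any answer above: one way to check the three things this thread keeps circling (the token is still valid, it was issued to your client, and it carries the scopes the userinfo call needs) is to audit the response of Google's tokeninfo endpoint for the access token. The field names `audience`, `scope`, `expires_in` and `error`, the client ID and the sample responses are assumptions constructed for illustration.

```javascript
// Added example: audit a tokeninfo response before relying on an access token.
// REQUIRED_SCOPES, CLIENT_ID and the sample objects are constructed, not from the post.
const REQUIRED_SCOPES = [
  'https://www.googleapis.com/auth/userinfo.email',
  'https://www.googleapis.com/auth/userinfo.profile',
];

// Returns a list of problems; an empty list means the token is usable
// for the userinfo call by the client identified by expectedClientId.
function auditTokenInfo(info, expectedClientId, requiredScopes = REQUIRED_SCOPES) {
  const problems = [];
  if (!info || typeof info !== 'object') return ['no tokeninfo response'];
  if (info.error) return ['token rejected: ' + info.error];

  // Audience check: a token minted for another client must not be accepted.
  if (info.audience !== expectedClientId) {
    problems.push('audience mismatch: ' + info.audience);
  }
  // Expiry check: expires_in is the remaining lifetime in seconds.
  const ttl = Number(info.expires_in);
  if (!Number.isFinite(ttl) || ttl <= 0) problems.push('token expired');

  // Scope check: the granted scopes arrive as one space-separated string.
  const granted = new Set(String(info.scope || '').split(/\s+/).filter(Boolean));
  for (const scope of requiredScopes) {
    if (!granted.has(scope)) problems.push('missing scope: ' + scope);
  }
  return problems;
}

// Constructed sample responses (not captured from a real account).
const CLIENT_ID = 'example-client-id.apps.googleusercontent.com';
const goodInfo = {
  audience: CLIENT_ID,
  expires_in: 3540,
  scope: REQUIRED_SCOPES.join(' ') + ' https://www.googleapis.com/auth/plus.login',
};
const wrongAudience = { ...goodInfo, audience: 'other-app.apps.googleusercontent.com' };
const missingEmail = { ...goodInfo, scope: REQUIRED_SCOPES[1] };

console.log(auditTokenInfo(goodInfo, CLIENT_ID));
console.log(auditTokenInfo(wrongAudience, CLIENT_ID));
console.log(auditTokenInfo(missingEmail, CLIENT_ID));
console.log(auditTokenInfo({ error: 'invalid_token' }, CLIENT_ID));
```

The audience comparison matters beyond debugging: a backend that accepts any valid Google token without checking which client it was issued to can be handed a token obtained by a different application.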
0

I have done the Google authentication by using OAuth2Authenticator in Android Xamarin. These steps might be helpful to you.

1. Register in the Google developer console as a web application instead of an installed application (Android). Provide the redirect URL with a valid URL ("http://abcd.com/xyz.aspx"); the same should be used in the application code.

2. On authentication complete it will return the access_token.

3. By using the access_token, make the REST request to get the user's complete information ("https://www.googleapis.com/oauth2/v1/userinfo?access_token=" + accessTokenValue).

4. Deserialize the JSON response to get the information in an object. Check more here: Google Account login Integration for android Xamarin

Suchith