so i implemented google plus login to my app... my implementation pretty closely follows the example given here. The biggest difference between mine and his is that i have a larger set of scopes that i require. when building my plusclient i specify the following scopes:
"https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/plus.me https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email"
later down the line in my onConnected method i attempt to get an accesstoken from my session in order to pass to our server where we do the real meat & potatos work.
GoogleAuthUtil.getToken(SplashActivity.this, mPlusClient.getAccountName(), "oauth2: https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/plus.me https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email")
this does yield an accesstoken. YIPPEE! right? nope. when we try and use this token it seems that it is not associated with our app. when running the token through googles tokeninfo endpoint, we get something along the lines of
{
"issued_to": "608941808256-43vtfndets79kf5hac8ieujto8837660.apps.googleusercontent.com",
"audience": "608941808256-43vtfndets79kf5hac8ieujto8837660.apps.googleusercontent.com",
"user_id": "107245641469745809180",
"scope": "https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/userinfo.profile https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email",
"expires_in": 3577,
"email": "[email protected]",
"verified_email": true,
"access_type": "online"
}
that issued_to value does not match up with any of our client id's. according to the last part of this blog post google is unable to match this token request up with our project. however, in our API console i do indeed have the SHA fingerprint in there for android and it is indeed separated with the package name by a semicolon. no spelling mistakes. i've waited hours to see if it was a propagation issue. i also added the SHA fingerprint and whatnot to create a clientid for our debug keystore. we have the same issue whether we export a signed apk out of eclipse or if we run it directly.
this is driving me insane. i don't know where to turn with this.
as an example, when making a call to
googleapis.com/plus/v1/people/me/people/visible?access_token=TOKEN_HERE&maxResults=100&pageToken=&alt=json&orderBy=best
i get
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "accessNotConfigured",
"message": "Access Not Configured"
}
],
"code": 403,
"message": "Access Not Configured"
}
}
because google for whatever reason did not associate that token with my project.
so far, this is coming across as a bug in the google api.
if i take out the "https://www.google.com/m8/feeds" scope then everything works and the token is successfully associated with our project. if "https://www.google.com/m8/feeds" is included as a requested scope, everything breaks on the api side despite the fact that it prompts the user properly for that specific permission. although we still get a token when requesting this scope, the token is not associated with our project.
String accessToken = GoogleAuthUtil.getToken(getActivity(), plusClient.getAccountName(),
"oauth2:" + Scopes.PLUS_LOGIN + " " + Scopes.PLUS_PROFILE + " " + MY_SCOPE);
My code works. Maybe you have unnecessary lable after "oauth2:"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With