Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is SSL required to use the google plus api?

Im fairly new to Oauth2.0.
I wanted to start using the Google Plus api.

I used the following resources

"Using OAuth 2.0 to Access Google APIs" documentation.

Google Plus Oauth Api scope key (https://www.googleapis.com/auth/plus.me).

After playing with curl and having success with other "scope keys" . I encountered the following error with the google plus scope (https://www.googleapis.com/auth/plus.me).

"Token invalid - AuthSub token has wrong scope"

Then i found the solution Google’s OAuth Pain: Token invalid – AuthSub token has wrong scope

It pointed out the following:

if you’re getting a “Token Invalid – AuthSub token has wrong scope” error when you’re trying to use OAuth (or even AuthSub for that matter?), make sure the scope you’re requesting is using the same protocol as you’re using

I did what he said , took the "s" off the scope "

http://www.googleapis.com/auth/plus.me

But now it gives me this error

enter image description here

Does this mean that your site MUST use SSL?

Thanks for the feedback.

EDIT: Turns out i was using the wrong api
Should be https://www.googleapis.com/plus/v1/people/me?access_token=xxxx

like image 790
Bodman Avatar asked Sep 19 '11 22:09

Bodman


2 Answers

Your site doesn't need to use SSL but all calls it makes to the Google+ API must use HTTPS. See: http://developers.google.com/+/api/oauth for more information about OAuth scopes in Google+

like image 75
ade Avatar answered Sep 23 '22 07:09

ade


I found the answer, i was using the wrong url for the api

https://www.googleapis.com/plus/v1/people/me?access_token={hash}

like image 26
Bodman Avatar answered Sep 24 '22 07:09

Bodman