OmniAuth using google oauth 2 strategy scope failure

Question

I'm working on getting calendar data from google using OmniAuth and the google-oauth-2 strategy.

If I put nothing into the scope field it works fine and I get the default info without the auth/failure message and I can use the app normally.

However the moment I add a scope, as in the example below, I get an "auth/failure?message=invalid_credentials".

Rails.application.config.middleware.use OmniAuth::Builder do
    provider :google_oauth2, ENV['TEST_KEY'], ENV['TEST_SECRET'], { :scope => 'https://www.google.com/calendar/feeds/' }
end

Is there something I'm missing or something I should change?

Answer 1

A quick e-mail from the google-oauth-2 strategy author pointed out the following:

If you don't include the profile scopes, it fails to authenticate.

By adding userinfo.email and userinfo.profile (along with the calendar scope) to the comma separated :scope list I was able to fix the problem.

Example:

Rails.application.config.middleware.use OmniAuth::Builder do
    provider :google_oauth2, ENV['TEST_KEY'], ENV['TEST_SECRET'], 
           { :scope => 'userinfo.email, userinfo.profile, https://www.googleapis.com/auth/calendar' }
end

Answer 2

Funny, this didn't work for me. I was able to make it work, removing the comma from the scope:

Rails.application.config.middleware.use OmniAuth::Builder do
    provider :google_oauth2, ENV['TEST_KEY'], ENV['TEST_SECRET'], 
    { :scope => 'https://www.googleapis.com/auth/docs https://www.googleapis.com/auth/userinfo.profile' }
end