Skip Menu |

This queue is for tickets about the LWP-Authen-OAuth2 CPAN distribution.

Report information
The Basics
Id: 90852
Status: resolved
Priority: 0/
Queue: LWP-Authen-OAuth2
People
Owner: Nobody in particular
Requestors: domm [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: 0.05
Fixed in: 0.06

History Show all quoted text
  Wed Nov 27 06:01:25 2013 domm [...] cpan.org - Ticket created
Subject: Google needs redirect_uri
Hi Ben! I'm currently using LWP-Authen-OAuth2 for some oauth logins, and after lots of brain-melting trying and doc-reading, I finally got something working for Google. But: It seems that Google requires the parameter 'redirect_uri' for request_tokens. I've added it to LWP::Authen::OAuth2::ServiceProvider::Google::*->request_required_params but this method is never called. So I've added it to LWP::Authen::OAuth2::ServiceProvider->request_optional_params, and now it works. a) I'm not sure if Google actually requires the request_uri, but from the error messages I got back I strongly believe it does. b) If I understood your code correctly, adding 'request_uri' to ServiceProvider::Google::*->request_required_params should do the trick, but in my tests this code was never called (and I don't really want to investigate why) So the real bug is (IMO) that the method in the subclass is never called. c) adding 'request_uri' to ServiceProvder itself can only be considered a crude workaround. Any ideas? You can see my code in my github fork at: https://github.com/domm/perl-oauth2 I can send you a pull request, but as I don't have a fix yet I think this might just confuse things... Greetings, domm
  Wed Nov 27 22:32:12 2013 TILLY [...] cpan.org - Correspondence added
Sorry for being slow to respond. I was traveling today. Can you please show me the code that is failing? Are you setting a service_provider? I've dotted out everything that is personal, but the following code works for me and passes the redirect_uri everywhere it needs to. my $token_string = "..."; my $oauth2 = LWP::Authen::OAuth2->new( client_id => "...", client_secret => "...", redirect_uri => "https://.../", service_provider => "Google", token_string => $token_string, ); print $oauth2->get( "https://www.googleapis.com/bigquery/v2/projects/.../datasets" )->content(); print $oauth2->token_string, $/; (As for the complexity of OAuth2, I sympathize. I tried to write the doc that would have helped me at the start, but it is all a complicated mess.)
  Wed Nov 27 22:32:13 2013 The RT System itself - Status changed from 'new' to 'open'
  Thu Nov 28 03:49:37 2013 domm [...] cpan.org - Correspondence added
Am Mi 27. Nov 2013, 22:32:12, TILLY schrieb: Show quoted text
> Sorry for being slow to respond. I was traveling today.
I wouldn't consider ~12h response time slow :-) Show quoted text
> Can you please show me the code that is failing? Are you setting a > service_provider? I've dotted out everything that is personal, but > the following code works for me and passes the redirect_uri everywhere > it needs to.
The bug is triggered befor I even get the token: copy/pasting and slightly rearranging things: my $client = LWP::Authen::OAuth2->new( client_id => $self->consumer_key, client_secret => $self->consumer_secret, service_provider => "Google", scope=>'email', redirect_uri=>$self->callback, ); redirect to $client->authorization_url sub callback { my ($self, $params) = @_; my $code = $params->{code} my $client = $self->client; # gets a new client, as above $client->request_tokens(code => $code); ... } I get the error: OAuth2 error: invalid_request in the line $client->request_tokens(code => $code); I've added some debug code to post_to_token_endpoint to dump the HTTP req & res: the REQUEST: POST https://accounts.google.com/o/oauth2/token User-Agent: libwww-perl/6.05 Content-Length: 188 Content-Type: application/x-www-form-urlencoded code=...&grant_type=authorization_code&client_secret=...&client_id=....apps.googleusercontent.com And the RESPONSE (minus some headers): HTTP/1.1 400 Bad Request { "error" : "invalid_request" } The exampel request from google includes the redirect_uri: https://developers.google.com/accounts/docs/OAuth2Login#sendauthrequest https://accounts.google.com/o/oauth2/auth? client_id=424911365001.apps.googleusercontent.com& response_type=code& scope=openid%20email& redirect_uri=https://oa2cb.example.com/& state=security_token%3D138r5719ru3e1%26url%3Dhttps://oa2cb.example.com/myHome& login_hint=jsmith@example.com Hm, now that I look it this request looks quite different... Anyway, if I add 'redirect_uri' to request_optional_params (in ServiceProvider!), the request is accepted by google and I get back the JSON containing the access_token, id_token, etc No idea what's going on here... (PS: It seems I'll have to do a Facebook Oauth login, so I''ll probably add a Facebook Service Provider in the near future (if you don't mind)) Greetings, domm Show quoted text
> > print $oauth2->get( > "https://www.googleapis.com/bigquery/v2/projects/.../datasets" > )->content(); > print $oauth2->token_string, $/; > > > (As for the complexity of OAuth2, I sympathize. I tried to write the > doc that would have helped me at the start, but it is all a > complicated mess.)
  Thu Nov 28 11:00:24 2013 btilly [...] gmail.com - Correspondence added
Subject: Re: [rt.cpan.org #90852] Google needs redirect_uri
Date: Thu, 28 Nov 2013 08:00:04 -0800
To: bug-LWP-Authen-OAuth2 [...] rt.cpan.org
From: Ben Tilly <btilly [...] gmail.com>
Sorry, my bug. In version 3 I made the decision that naming everything client_type was less confusing, and did it everywhere but the Google service provider. So it was not picking up the right class. I've just checked in the fix and am uploading to CPAN now. I would be happy to have a Facebook service provider. On Thu, Nov 28, 2013 at 12:49 AM, Thomas Klausner via RT <bug-LWP-Authen-OAuth2@rt.cpan.org> wrote: Show quoted text
> Queue: LWP-Authen-OAuth2 > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=90852 > > > Am Mi 27. Nov 2013, 22:32:12, TILLY schrieb:
>> Sorry for being slow to respond. I was traveling today.
> > I wouldn't consider ~12h response time slow :-) >
>> Can you please show me the code that is failing? Are you setting a >> service_provider? I've dotted out everything that is personal, but >> the following code works for me and passes the redirect_uri everywhere >> it needs to.
> > The bug is triggered befor I even get the token: > > copy/pasting and slightly rearranging things: > > my $client = LWP::Authen::OAuth2->new( > client_id => $self->consumer_key, > client_secret => $self->consumer_secret, > service_provider => "Google", > scope=>'email', > redirect_uri=>$self->callback, > ); > > redirect to $client->authorization_url > > sub callback { > my ($self, $params) = @_; > my $code = $params->{code} > my $client = $self->client; # gets a new client, as above > $client->request_tokens(code => $code); > ... > } > > I get the error: > OAuth2 error: invalid_request > in the line $client->request_tokens(code => $code); > > I've added some debug code to post_to_token_endpoint to dump the HTTP req & res: > > the REQUEST: > > POST https://accounts.google.com/o/oauth2/token > User-Agent: libwww-perl/6.05 > Content-Length: 188 > Content-Type: application/x-www-form-urlencoded > > code=...&grant_type=authorization_code&client_secret=...&client_id=....apps.googleusercontent.com > > And the RESPONSE (minus some headers): > > HTTP/1.1 400 Bad Request > { > "error" : "invalid_request" > } > > The exampel request from google includes the redirect_uri: > https://developers.google.com/accounts/docs/OAuth2Login#sendauthrequest > > https://accounts.google.com/o/oauth2/auth? > client_id=424911365001.apps.googleusercontent.com& > response_type=code& > scope=openid%20email& > redirect_uri=https://oa2cb.example.com/& > state=security_token%3D138r5719ru3e1%26url%3Dhttps://oa2cb.example.com/myHome& > login_hint=jsmith@example.com > > Hm, now that I look it this request looks quite different... > > Anyway, if I add 'redirect_uri' to request_optional_params (in ServiceProvider!), the request is accepted by google and I get back the JSON containing the access_token, id_token, etc > > No idea what's going on here... > > (PS: It seems I'll have to do a Facebook Oauth login, so I''ll probably add a Facebook Service Provider in the near future (if you don't mind)) > > Greetings, > domm > > > > > > > > >
>> >> print $oauth2->get( >> "https://www.googleapis.com/bigquery/v2/projects/.../datasets" >> )->content(); >> print $oauth2->token_string, $/; >> >> >> (As for the complexity of OAuth2, I sympathize. I tried to write the >> doc that would have helped me at the start, but it is all a >> complicated mess.)
> > >
  Fri Jun 27 11:19:06 2014 domm [...] cpan.org - Correspondence added
Bug was fixed a long time ago
  Fri Jun 27 11:19:07 2014 domm [...] cpan.org - Status changed from 'open' to 'resolved'
  Fri Jun 27 11:19:07 2014 domm [...] cpan.org - Fixed in 0.06 added