Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
DotNetOpenAuth
Home
+ new post
About this group
Join this group
DNOA using OAuth 2 for getting infos from google
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   8 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Andrew Arnott  
View profile  
 More options Jul 23 2012, 10:18 am
From: Andrew Arnott <andrewarn...@gmail.com>
Date: Mon, 23 Jul 2012 07:18:16 -0700
Local: Mon, Jul 23 2012 10:18 am
Subject: RE: [dotnetopenauth] Re: DNOA using OAuth 2 for getting infos from google
Print | Individual message | Show original | Report this message | Find messages by this author

It should work, considering Google themselves ship an OAuth2 client sample
for .NET that uses DNOA underneath.  But I'll build a test and see what
happens.

Sent from my Windows Phone
------------------------------
From: Fred
Sent: 7/23/2012 4:26 AM
To: dotnetopenid@googlegroups.com
Subject: [dotnetopenauth] Re: DNOA using OAuth 2 for getting infos from
google

Any ideas?

Is the current implementation of DotNetOpenAuth compatible with google's
implementation or is my problem due to the fact, that OAuth 2 isn't final
yet ?

Wishes,
Manfred

Am Montag, 23. Juli 2012 00:23:00 UTC+2 schrieb Fred:

 --
You received this message because you are subscribed to the Google Groups
"DotNetOpenAuth" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/dotnetopenid/-/2u4W9KtYFUcJ.
To post to this group, send email to dotnetopenid@googlegroups.com.
To unsubscribe from this group, send email to
dotnetopenid+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/dotnetopenid?hl=en.

 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Fred  
View profile  
 More options Jul 23 2012, 3:58 pm
From: Fred <manfred.ste...@gmx.net>
Date: Mon, 23 Jul 2012 12:58:52 -0700 (PDT)
Local: Mon, Jul 23 2012 3:58 pm
Subject: Re: [dotnetopenauth] Re: DNOA using OAuth 2 for getting infos from google
Print | Individual message | Show original | Report this message | Find messages by this author

Hi Andrew,

what is the URL of this sample? I just found one using a rich client but I
try to use a web-client. Meenwhile I found out, that Google replies with a
valid token when I construct the request by hand using fiddler, but I'm not
able to make DNOA do the same.

I also place my solution, which is - as I seem - pretty Close to the
DNOA-sample below - just for in case.

Thx and wishes,
Fred

8<-------

public class AuthHelper
{
    public static AuthorizationServerDescription GetAuthServerDescription()
    {
        var authServerDescription = new AuthorizationServerDescription();
        authServerDescription.AuthorizationEndpoint = new Uri(@"
https://accounts.google.com/o/oauth2/auth");
        authServerDescription.TokenEndpoint =         new Uri(@"
https://accounts.google.com/o/oauth2/token");
        authServerDescription.ProtocolVersion =       ProtocolVersion.V20;

        return authServerDescription;
    }
    public static WebServerClient CreateClient()
    {

        var desc = GetAuthServerDescription();
        return new WebServerClient(desc,
                    clientIdentifier:
"some.number.apps.googleusercontent.com",
                    clientSecret:
"something_with_underscore_and_a_to_z_and_0_to_9");
    }

}

8<-------
public class SecureController : Controller
{
    static WebServerClient client = AuthHelper.CreateClient();
    public ActionResult OAuth()
    {
        if (string.IsNullOrEmpty(Request.QueryString["code"]))
        {
            return InitAuth();
        }
        else
        {
            return OAuthCallback();
        }

    }
    private ActionResult InitAuth()
    {
        var uri = Request.Url.AbsoluteUri;
        uri = RemoveQueryStringFromUri(uri);
        var state = new AuthorizationState();
        state.Callback = new Uri(uri);
        state.Scope.Add("https://www.googleapis.com/auth/userinfo.profile");
        state.Scope.Add("https://www.googleapis.com/auth/userinfo.email");
        var response = client.PrepareRequestUserAuthorization(state);

        return response.AsActionResult();
    }
    private static string RemoveQueryStringFromUri(string uri)
    {
        int index = uri.IndexOf('?');
        if (index > -1)
        {
            uri = uri.Substring(0, index);
        }
        return uri;
    }
    private ActionResult OAuthCallback()
    {
        // This leads to the Protocol-Exception :-(
        var auth = client.ProcessUserAuthorization(this.Request);
        Session["auth"] = auth;
        return Content("Success!");

    }

}

Am Montag, 23. Juli 2012 16:18:16 UTC+2 schrieb Andrew Arnott:


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Andrew Arnott  
View profile  
 More options Jul 23 2012, 9:14 pm
From: Andrew Arnott <andrewarn...@gmail.com>
Date: Mon, 23 Jul 2012 18:14:12 -0700
Local: Mon, Jul 23 2012 9:14 pm
Subject: Re: [dotnetopenauth] DNOA using OAuth 2 for getting infos from google
Print | Individual message | Show original | Report this message | Find messages by this author

The one Google ships is here:
https://code.google.com/p/google-api-dotnet-client/wiki/OAuth2  But IIRC
they use a very old DNOA build and I actually have a fork of their project
that uses the latest one.

As for DNOA failing while your own Fiddler-crafted request succeeds, can
you please describe the differences in the request that you observe in
Fiddler? (Or include both failing and succeeding fiddler trace files?)

--
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre

 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Fred  
View profile  
 More options Jul 24 2012, 12:33 pm
From: Fred <manfred.ste...@gmx.net>
Date: Tue, 24 Jul 2012 09:33:52 -0700 (PDT)
Local: Tues, Jul 24 2012 12:33 pm
Subject: Re: [dotnetopenauth] DNOA using OAuth 2 for getting infos from google
Print | Individual message | Show original | Report this message | Find messages by this author

Hi Andrew,

I think, Google expects credentials within the message. If there are no
credentials, it replies with a 400 instead of sending a 401. On the other
hand, I think DNOA only sends credentials after it got a 401.

[1] is the request, DNOA created in my case; [2] is the response to it.
When I include the credentials (see [3])  in the message according to [4],
everything works fine.

What to do now?

Wishes,
Fred

[1]

POST https://accounts.google.com/o/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=utf-8
User-Agent: DotNetOpenAuth/4.1.0.12182
Host: accounts.google.com
Cache-Control: no-store,no-cache
Pragma: no-cache
Content-Length: 158
Expect: 100-continue
Connection: Keep-Alive

code=4%2FbiqWK38xZ5p_sRPqCahWqggwmQYN.os6DXXaAEkgUsNf4jSVKMpbEaYpzcQI&redir ect_uri=https%3A%2F%2Flocalhost%2FRP%2FSecure%2FOAuth&grant_type=authorizat ion_code

[2]
HTTP/1.1 400 Bad Request
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Tue, 24 Jul 2012 16:13:11 GMT
Content-Type: application/json
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Content-Length: 33

{
  "error" : "invalid_request"

}

[3]

POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded

code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
client_id=8819981768.apps.googleusercontent.com&
client_secret={client_secret}&
redirect_uri=https://oauth2-login-demo.appspot.com/code&
grant_type=authorization_code

[4] https://developers.google.com/accounts/docs/OAuth2WebServer

Am Dienstag, 24. Juli 2012 03:14:12 UTC+2 schrieb Andrew Arnott:


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Andrew Arnott  
View profile  
 More options Jul 24 2012, 8:06 pm
From: Andrew Arnott <andrewarn...@gmail.com>
Date: Tue, 24 Jul 2012 17:06:55 -0700
Local: Tues, Jul 24 2012 8:06 pm
Subject: Re: [dotnetopenauth] DNOA using OAuth 2 for getting infos from google
Print | Individual message | Show original | Report this message | Find messages by this author

Thanks, Fred.  I think Google is following the OAuth 2 spec here (although
the error should probably be "invalid_client" instead of
"invalid_request"), and DNOA isn't responding to the HTTP 400 error as you
say.  Thanks very much for doing this investigation and reporting your
findings.  Getting DNOA to respond to HTTP 400 appropriately is something
we can certainly do.  HttpWebRequest strips out the Authorization header
when I try to put it into the initial request -- it's as if .NET refuses to
send it except in response to an HTTP 401 response.  So we may have to
throw HttpWebRequest out and use something else -- that might actually
require that we take a dependency on .NET 4.0.  Hmmm... This requires more
thought.

Fred, can you please file a bug for this?
https://github.com/dotnetopenauth/dotnetopenauth/issues

Thanks.

--
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre

 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Fred  
View profile  
 More options Jul 24 2012, 11:32 pm
From: Fred <manfred.ste...@gmx.net>
Date: Tue, 24 Jul 2012 20:32:07 -0700 (PDT)
Local: Tues, Jul 24 2012 11:32 pm
Subject: Re: [dotnetopenauth] DNOA using OAuth 2 for getting infos from google
Print | Individual message | Show original | Report this message | Find messages by this author

Hi Andrew,

I've filed a bug at [1] and attached some suggestions for solving this
issue (without to require .NET 4).

Is it possible to attach custom FORM-Parameter? If yes, I could quickly
solve this issue in my demo-code by passing the credentials within the
payload.

Wishes,
Manfred

[1] https://github.com/DotNetOpenAuth/DotNetOpenAuth/issues/185

Am Mittwoch, 25. Juli 2012 02:06:55 UTC+2 schrieb Andrew Arnott:


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Andrew Arnott  
View profile  
 More options Jul 25 2012, 12:34 am
From: Andrew Arnott <andrewarn...@gmail.com>
Date: Tue, 24 Jul 2012 21:34:12 -0700
Local: Wed, Jul 25 2012 12:34 am
Subject: Re: [dotnetopenauth] DNOA using OAuth 2 for getting infos from google
Print | Individual message | Show original | Report this message | Find messages by this author

Thanks, Fred.  I forgot that yes, you can force the client creds to be
included as a form parameter.  Just set the client's
ClientCredentialApplicator property
to ClientCredentialApplicator.PostParameter(secret) and you'll get the
behavior you're asking for.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Ethan  
View profile  
 More options Jul 26 2012, 8:50 pm
From: Ethan <ethanpeter...@gmail.com>
Date: Thu, 26 Jul 2012 17:50:44 -0700 (PDT)
Local: Thurs, Jul 26 2012 8:50 pm
Subject: Re: [dotnetopenauth] DNOA using OAuth 2 for getting infos from google
Print | Individual message | Show original | Report this message | Find messages by this author

Thanks Andrew and Fred... I just ran into this same problem and the
ClientCredentialApplicator property fixed it.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google