Invalid credentials error during authentication with OmniAuth Google OAuth 2 gem


Lachlan Cotter

Dec 10, 2011, 1:09:05 PM
to oauth...@googlegroups.com

I've been using OmniAuth with Google OAuth2 to connect to calendar APIs.

Everything was working fine until a couple of days ago when I noticed mysterious errors related to missing refresh tokens.

A little digging turned up this article:

http://googlecode.blogspot.com/2011/10/upcoming-changes-to-oauth-20-endpoint.html

which explains that the API has been changed and I now need to pass additional arguments if I want to ensure I get the refresh token when authenticating. 

I updated to omniauth-google-oauth2 v0.1.8, which has apparently been updated to fix the error (I checked the source to verify it is indeed passing the new access_type and approval_prompt arguments as required).

However the new implementation is broken.

When I attempt to authenticate to get new credentials from Google, I get presented with the permission page as expected, but after I grant permission and Google redirects back to my app, OmniAuth redirects the request to /auth/failure?message=invalid_credentials.

It appears that Google is returning this result:

{
   "error": {
       "errors": [{
           "Domain": "com.google.auth"
           "Reason": "invalidAuthentication"
           "message": "invalid token",
           "LocationType": "header"
           "location": "Authorization"
       }],
       "code": 401,
       "message": "invalid token"
   }
}

But when I check the Authorizations page in my Google Account, it shows my application in there, as if the authorization has completed successfully.

I have no idea what to try next. As far as I can tell I'm doing everything to spec. The credentials should be valid as I was using them without issue before.

Any suggestions on how to proceed would be very much appreciated—this change has essentially broken my app.


Cheers,

Lach

Lachlan Cotter

Dec 11, 2011, 1:06:41 AM
to oauth...@googlegroups.com
Okay—sorted it. I traced through the OmniAuth code and found the culprit was an error in the way the OmniAuth strategy was specifying scopes. The OmniAuth strategy uses the account email address as a UID and it calls the userinfo service by default during the authentication flow, so you need to include "userinfo.email" in your scopes list, otherwise the authentication flow will raise an exception and fail to return the tokens.
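
Added example, not part of the thread and not the gem's own code: a pre-flight check that builds the Google consent URL with the access_type and approval_prompt arguments mentioned above and refuses to proceed when "userinfo.email" is missing from the scope list. The helper names, the short-name expansion, the client id and the redirect URI are assumptions made for illustration.

```ruby
require 'uri'

# Illustrative helper names; none of this is omniauth-google-oauth2 code.
AUTH_ENDPOINT  = 'https://accounts.google.com/o/oauth2/auth'
SCOPE_PREFIX   = 'https://www.googleapis.com/auth/'
REQUIRED_SCOPE = SCOPE_PREFIX + 'userinfo.email'

class MissingScopeError < ArgumentError; end

# Expand short names ("calendar") to full scope URLs; keep full URLs as given.
def normalize_scopes(scopes)
  scopes.map { |s| s.start_with?('https://') ? s : SCOPE_PREFIX + s }.uniq
end

# Build the consent-page URL. Fails before any redirect when the scope that the
# callback's userinfo lookup depends on is absent, instead of surfacing later
# as /auth/failure?message=invalid_credentials.
def google_authorize_url(client_id:, redirect_uri:, scopes:)
  full = normalize_scopes(scopes)
  unless full.include?(REQUIRED_SCOPE)
    raise MissingScopeError, "scope list lacks #{REQUIRED_SCOPE}"
  end
  query = URI.encode_www_form(
    response_type:   'code',
    client_id:       client_id,
    redirect_uri:    redirect_uri,
    scope:           full.join(' '),
    access_type:     'offline', # ask for a refresh token
    approval_prompt: 'force'    # re-prompt so the refresh token is reissued
  )
  "#{AUTH_ENDPOINT}?#{query}"
end

# Constructed sample values, for demonstration only.
if __FILE__ == $PROGRAM_NAME
  puts google_authorize_url(
    client_id:    'example-client-id',
    redirect_uri: 'https://app.example/auth/google_oauth2/callback',
    scopes:       %w[userinfo.email calendar]
  )
end
```
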

Michael Erasmus

Jan 11, 2012, 4:50:40 PM
to oauth...@googlegroups.com
Thanks for your update Lach. I have the exact same issue and I would like to try your solution, but I'm not sure what you mean by having to include "userinfo.email" in your scopes list. Would you care to help this ignorant soul? 

Dhruv Garg

Mar 16, 2012, 1:28:55 PM
to oauth...@googlegroups.com
Hi Michael, were you able to resolve this? Facing the same problem and I'm using v0.1.9 where userinfo.email is in the DEFAULT_SCOPE already.

Dhruv Garg

Mar 16, 2012, 1:35:35 PM
to oauth...@googlegroups.com
Nvm -- was using the wrong secret key. Stupid, stupid.