invalid url in google API console

calvin crane

unread,

Jan 23, 2014, 8:32:55 AM1/23/14

to ang...@googlegroups.com

I am getting an error in that I cant use the following url in google API console. This url is for an OAuth return after a user authenticates with youtube and says my Angular App can talk to it.

http://site.github.io/videos.html#/oauth2callback

It seems it doesnt like the hashtag...If I use modrewrite this might work but i fear it could break the sensitive nature of tokens and urls being not the same but I think mostly not as this is incoming request to MY server.

Sander Elias

unread,

Jan 23, 2014, 8:46:21 AM1/23/14

to ang...@googlegroups.com

Hi Calvin,

It sounds to me that you are mixing up server-side oauth and client-side oauth. Those use very different settings/keys etc in your google dashboard.

Regards

Sander

calvin

unread,

Jan 23, 2014, 8:50:18 AM1/23/14

to ang...@googlegroups.com

No I’m not and even the console doesn’t care which version of Oauth unless I missed a step…But I don’t think so. It seems to be the hash is causing the issue as it allows query string…I just really want to avoid a nasty hack so am looking at reposting so I can use mod rewrite and get my hash tag back so that Angular can route properly. Using a js redirect for me then makes for a potential mess I think mod rewrite is better or even better still for google to allow a hash in the url redirect.

--
You received this message because you are subscribed to a topic in the Google Groups "AngularJS" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/angular/GvkTlz_0qn8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to angular+u...@googlegroups.com.
To post to this group, send email to ang...@googlegroups.com.
Visit this group at http://groups.google.com/group/angular.
For more options, visit https://groups.google.com/groups/opt_out.

Sander Elias

unread,

Jan 23, 2014, 9:17:56 AM1/23/14

to ang...@googlegroups.com

Calvin,

I have build a working google client side authentication service, (sorry I can't share it (yet!)), I just checked, there is no callback involved.

Regards

Sander

calvin

unread,

Jan 23, 2014, 9:21:54 AM1/23/14

to ang...@googlegroups.com

This is the page I am following [https://developers.google.com/console/help/new/#generatingoauth2] – but I am very confused how there can be no callback – or rather a redirect. The user logs in to a google namespace secure page so how does you app/site/server then get notification without a redirect from this new window that the user agreed your app could do X ?

From: Sander Elias <sande...@gmail.com>
Reply-To: <ang...@googlegroups.com>
Date: Thu, 23 Jan 2014 06:17:56 -0800 (PST)
To: <ang...@googlegroups.com>

--

Sander Elias

unread,

Jan 23, 2014, 9:28:10 AM1/23/14

to ang...@googlegroups.com

Calvin,

Try this documentation: https://developers.google.com/+/web/signin/javascript-flow

Regards

Sander

calvin

unread,

Jan 23, 2014, 9:55:53 AM1/23/14

to ang...@googlegroups.com

I went through this method which is for the plus button and I was able to login ok. There is a callback here. I am unsure as of yet if the token is going to allow me to do the stuff I need like this. But it seems to work for me so far.

I would like to get a method working whereby I don’t need to use the google plus button method. I am keen to hear what people think about the redirect url and how neat that could work in a single page app like angular with its routing.

From: Sander Elias <sande...@gmail.com>
Reply-To: <ang...@googlegroups.com>
Date: Thu, 23 Jan 2014 06:28:10 -0800 (PST)
To: <ang...@googlegroups.com>
Subject: Re: [AngularJS] Re: invalid url in google API console

--

Sander Elias

unread,

Jan 23, 2014, 10:19:44 AM1/23/14

to ang...@googlegroups.com

Hi Calvin,

This is the official google oauth client side method. In the google developers console you can ask for the api's you need. You can disable the plus api, and enable the youtube api. by setting the scope, you inform/ask the user to give access to his data.

Regards

Sander

calvin

unread,

Jan 23, 2014, 10:24:17 AM1/23/14

to ang...@googlegroups.com

Well as I sent earlier its not the only official one – this one is for the button. I wanted to make a custom call to authorise on any thing…but your example is now working here

http://www.gamerdj.net.gridhosted.co.uk/videos.html#/

Its a bit of a mess now as its not angularised anymore but I can tidy away the loose scripts..I don’t consider this solved for me just worked around but thanks for your ideas – I am at least moving again with a token. I next wonder if again I try to use it it will again try to come back using the redirect url provided which isn’t the valid one without an htaccess rewrite..

From: Sander Elias <sande...@gmail.com>
Reply-To: <ang...@googlegroups.com>
Date: Thu, 23 Jan 2014 07:19:44 -0800 (PST)
To: <ang...@googlegroups.com>
Subject: Re: [AngularJS] Re: invalid url in google API console

Sander Elias

unread,

Jan 23, 2014, 10:45:25 AM1/23/14

to ang...@googlegroups.com

Hi Calvin,

The callback solution can only work if you have control over the server hosting your app. If you use this in the client side, you are disclosing your 'super secret' server key into the client. It can work, however, it will enable any dev to use the google api on your account. (it's not 1,2,3 ready, but it is a real issue!) You will be held liable for that.

The callback system is designed to let your server do the authentication. If used correctly used you can access the users data using your server. This has a whole different set of possibilities!