401 - Token invalid - AuthSub token has wrong scope

[Naveed]

Hi 

I'm trying to make a simple Get all spreadsheets request after OAuth2 authorization. However I get the "401 - Token invalid - AuthSub token has wrong scope"

I'm using the same OAuth2 token to create folders in Drive so I know the token is getting properly authorized. Something I've noticed from the log is the double slash in AuthSubRequest (highlighted below), but I'm not sure how (if at all) I can change this.

Any help would be greatly appreciated.

--------

Request: GET https://spreadsheets.google.com/feeds/spreadsheets/private/full
Request headers:
  Authorization: Bearer _snip_

Response: status 401
Response headers:
  Cache-Control: private, max-age=0
  Content-Type: text/html; charset=UTF-8
  Date: Thu, 05 Jul 2012 02:59:47 GMT
  Expires: Thu, 05 Jul 2012 02:59:47 GMT
  Server: GSE
  Transfer-Encoding: Identity
  Www-Authenticate: AuthSub realm="https://www.google.com/accounts//AuthSubRequest"
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-XSS-Protection: 1; mode=block
  x-chromium-appcache-fallback-override: disallow-fallback

Response body: (213 bytes)
<HTML>
<HEAD>
<TITLE>Token invalid - AuthSub token has wrong scope</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Token invalid - AuthSub token has wrong scope</H1>
<H2>Error 401</H2>
</BODY>
</HTML>

[Greg Robbins]

The Drive auth scope does not cover other APIs. The scope for the spreadsheet API is available as 

[GDataServiceGoogleSpreadsheet authorizationScope]

The class GTMOAuth2Authentication includes a method +scopeWithStrings: for combining scopes. The combined scope should be supplied to the OAuth 2 controller when signing in.

[Naveed]

I had my scope defined as:

     "https://docs.google.com/feeds/ https://docs.googleusercontent.com/ https://spreadsheets.google.com/feeds/"

Replaced it with +scopeWithStrings call. Works now!

Thanks heaps.