How to implement X-OAUTH2 over Xmpp
916 views
Skip to first unread message
nalin kumar
Apr 18, 2011, 3:40:41 PM4/18/11
to oauth2-dev
I noticed that one of the auth mechanisms broadcasted by gtalk server
is X-OAUTH2 which I assume is OAUTH2.0 implemtation of Google.
<mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
<mechanism>PLAIN</mechanism>
<mechanism>X-GOOGLE-TOKEN</mechanism>
<mechanism>X-OAUTH2</mechanism>
</mechanisms>
I tried to use OAUTH2 access tokens to sign in to google talk service
but keep getting SASL error <incorrect-encoding>. Is there any
documentation available on using Google's OAuth2 implementation for
Xmpp?
In Goolge API console I was able to register web based apps (client
side and server side) and get corresponding refresh/access tokens for
my user account. But when I send that access token over xmpp for auth
(SASL), it results in a sasl error with reason <incorrect-encoding/>.
I'm base 64 encoding the access token before sending though I tried
sending access token itself as well. Both result in same error.
I thought it could be that I need to register as a native client app
and not a web app in Google API console. But cannot register an App ID
for native app because the redirect uri mentioned in OAUTH2
documentation "urn:ietf:wg:oauth:2.0:oob" is not being accepted. I get
error saying this redirect uri is not valid for this type of app. Is
there any specialway for regsitering the native app?
Any help here will be greatly appreciated.
-Nalin
is X-OAUTH2 which I assume is OAUTH2.0 implemtation of Google.
<mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
<mechanism>PLAIN</mechanism>
<mechanism>X-GOOGLE-TOKEN</mechanism>
<mechanism>X-OAUTH2</mechanism>
</mechanisms>
I tried to use OAUTH2 access tokens to sign in to google talk service
but keep getting SASL error <incorrect-encoding>. Is there any
documentation available on using Google's OAuth2 implementation for
Xmpp?
In Goolge API console I was able to register web based apps (client
side and server side) and get corresponding refresh/access tokens for
my user account. But when I send that access token over xmpp for auth
(SASL), it results in a sasl error with reason <incorrect-encoding/>.
I'm base 64 encoding the access token before sending though I tried
sending access token itself as well. Both result in same error.
I thought it could be that I need to register as a native client app
and not a web app in Google API console. But cannot register an App ID
for native app because the redirect uri mentioned in OAUTH2
documentation "urn:ietf:wg:oauth:2.0:oob" is not being accepted. I get
error saying this redirect uri is not valid for this type of app. Is
there any specialway for regsitering the native app?
Any help here will be greatly appreciated.
-Nalin
Andrew Wansley
Apr 19, 2011, 11:54:18 AM4/19/11
to oauth...@googlegroups.com
Hey Nalin,
We don't officially support OAuth 2.0 over XMPP today :). The inability to register "oob" is a bug that should be fixed shortly!
Andrew
Jon Smirl
Apr 23, 2011, 10:35:27 AM4/23/11
to oauth...@googlegroups.com
I'd like to use OAuth over XMPP to Google servers. We have Google login credentials embedded in portable devices that can be lost.I would much rather embedded an OAuth key that can be revoked and that restricts access to a single API. It's no big deal if someone gains access to the XMPP API, the problem is that the embedded credentials allow access to the other APIs. I already tried embedding the X-GOOGLE-TOKEN but it quickly expires. The devices talk to a GAE application.
It would be even more useful if the OAuth token only worked on a specific XMPP JID instead of allowing access to any JID. That would allow me to keep machine to machine traffic separate from human traffic on the same XMPP account.
Tony
Jun 16, 2011, 8:05:42 AM6/16/11
to oauth...@googlegroups.com
Hi Andrew,
Please let me know current status about OAuth 2.0 over XMPP.
Current status is OK? or not ? I lost my way to Google.
And please let me know where Is any documentation available on using Google's OAuth2 implementation for XMPP !!
Tony
Rob Alexander
Jun 22, 2011, 11:21:28 AM6/22/11
to oauth2-dev
Andrew,
Can we please get an update on the "inability to register oob" bug? We
want to use Google Talk for Web-based IM/Chat but we don't want to use
plain text passwords. If this bug doesn't get resolved soon, we might
have to use Openfire instead of Google Talk.
Thank you,
Rob Alexander
Can we please get an update on the "inability to register oob" bug? We
want to use Google Talk for Web-based IM/Chat but we don't want to use
plain text passwords. If this bug doesn't get resolved soon, we might
have to use Openfire instead of Google Talk.
Thank you,
Rob Alexander
Reply all
Reply to author
Forward
0 new messages