Using OAuth2.0 with Google
645 views
Skip to first unread message
Alexandre Bourdin
Sep 12, 2011, 12:43:39 PM9/12/11
to play-fr...@googlegroups.com
Hello,
an example of OAuth2.0 used for Facebook authentification is provided in the Play examples, but I don't manage to make it work with Google.
In fact, even for Facebook, I had to modify myself the OAuth2 class in order to allow it to take a scope in parameter to retreive more than the basic information (for example the user mail address).
Is there some example working with Google or another more complete OAuth2.0 library ?
an example of OAuth2.0 used for Facebook authentification is provided in the Play examples, but I don't manage to make it work with Google.
In fact, even for Facebook, I had to modify myself the OAuth2 class in order to allow it to take a scope in parameter to retreive more than the basic information (for example the user mail address).
Is there some example working with Google or another more complete OAuth2.0 library ?
Message has been deleted
Alexandre Bourdin
Oct 5, 2011, 9:36:56 AM10/5/11
to play-fr...@googlegroups.com
Still any ideas ?
Amit Dubey
Oct 5, 2011, 11:32:05 AM10/5/11
to play-framework
Hi Alexandre,
I've *almost* managed to get OAuth2 with Google to work. You'll need
to do the following:
(1) Re-write retrieveVerificationCode to include a scope parameter (I
gather, as you did with Facebook)
(2) Make sure the scope parameter is properly ecaped! e.g. for email:
https://www.googleapis.com/auth/userinfo#email
Should be:
https://www.googleapis.com/auth/userinfo%23email
WS doesn't do this for you (or at least, not for me ;)
(3) I'm not sure what (3) is! WS fails for the authentication step,
but the same URL works fine if I use wget --post-data from my shell.
I'll get back to you if I have any success...
On Oct 5, 2:36 pm, Alexandre Bourdin <corshc...@gmail.com> wrote:
> Still any ideas ?
I've *almost* managed to get OAuth2 with Google to work. You'll need
to do the following:
(1) Re-write retrieveVerificationCode to include a scope parameter (I
gather, as you did with Facebook)
(2) Make sure the scope parameter is properly ecaped! e.g. for email:
https://www.googleapis.com/auth/userinfo#email
Should be:
https://www.googleapis.com/auth/userinfo%23email
WS doesn't do this for you (or at least, not for me ;)
(3) I'm not sure what (3) is! WS fails for the authentication step,
but the same URL works fine if I use wget --post-data from my shell.
I'll get back to you if I have any success...
On Oct 5, 2:36 pm, Alexandre Bourdin <corshc...@gmail.com> wrote:
> Still any ideas ?
Amit Dubey
Oct 5, 2011, 2:34:39 PM10/5/11
to play-framework
Hi Alexandre,
Now found the third problem (sorry, should have sent the message all
at once) -- Play's OAuth2 sends the authorization request as a GET,
but Google expects a POST or PUT, and OAuth2 does not expect the JSon
response that Google sends back.
I've included (crappy! non-error checking!) code as an example (PS I'm
using Scala, hope you understand it)
val GOOGLE = new OAuth2(
"https://accounts.google.com/o/oauth2/auth",
"https://accounts.google.com/o/oauth2/token",
"CLIENT_ID",
"CLIENT_SECRET"
) {
/**
* Need to override this method to add Google-specific scope
parameter
*/
override def retrieveVerificationCode( callbackURL : String ) =
{
import play.mvc.results.Redirect
throw new Redirect(authorizationURL
+ "?client_id=" + clientid
+ "&redirect_uri=" + callbackURL
+ "&scope=https://www.googleapis.com/auth/userinfo
%23email"
+ "&response_type=code")
}
/**
* Need to override this for Google-specific parameters and
responses
*/
def retrieveJsonAccessToken( callbackURL : String ) : String = {
import play.mvc.Scope.Params
val accessCode = Params.current().get("code")
val params = new java.util.HashMap[String,Object]
params.put("client_id",clientid)
params.put("client_secret",secret)
params.put("redirect_uri",callbackURL)
params.put("code",accessCode)
params.put("grant_type","authorization_code")
WS.url(accessTokenURL).params(params).post.getJson.getAsJsonObject.get("access_token").getAsString
> I've *almost* managed to getOAuth2with Google to work. You'll need
Now found the third problem (sorry, should have sent the message all
at once) -- Play's OAuth2 sends the authorization request as a GET,
but Google expects a POST or PUT, and OAuth2 does not expect the JSon
response that Google sends back.
I've included (crappy! non-error checking!) code as an example (PS I'm
using Scala, hope you understand it)
val GOOGLE = new OAuth2(
"https://accounts.google.com/o/oauth2/auth",
"https://accounts.google.com/o/oauth2/token",
"CLIENT_ID",
"CLIENT_SECRET"
) {
/**
* Need to override this method to add Google-specific scope
parameter
*/
override def retrieveVerificationCode( callbackURL : String ) =
{
import play.mvc.results.Redirect
throw new Redirect(authorizationURL
+ "?client_id=" + clientid
+ "&redirect_uri=" + callbackURL
+ "&scope=https://www.googleapis.com/auth/userinfo
%23email"
+ "&response_type=code")
}
/**
* Need to override this for Google-specific parameters and
responses
*/
def retrieveJsonAccessToken( callbackURL : String ) : String = {
import play.mvc.Scope.Params
val accessCode = Params.current().get("code")
val params = new java.util.HashMap[String,Object]
params.put("client_id",clientid)
params.put("client_secret",secret)
params.put("redirect_uri",callbackURL)
params.put("code",accessCode)
params.put("grant_type","authorization_code")
WS.url(accessTokenURL).params(params).post.getJson.getAsJsonObject.get("access_token").getAsString
> I've *almost* managed to getOAuth2with Google to work. You'll need
Alexandre Bourdin
Oct 10, 2011, 9:11:16 AM10/10/11
to play-fr...@googlegroups.com
Hi,
thanks, but I haven't tried scala yet. Anyway, someone else provided me a GoogleOAuth2.java class he made which seems working.
However, I am still looking for a way to get more than just the user mail. Do you know if there is any way to get some more information (like name, city, birthdate) like we can do with Facebook ?
thanks, but I haven't tried scala yet. Anyway, someone else provided me a GoogleOAuth2.java class he made which seems working.
However, I am still looking for a way to get more than just the user mail. Do you know if there is any way to get some more information (like name, city, birthdate) like we can do with Facebook ?
Cyril Lacôte
Oct 10, 2011, 3:58:49 PM10/10/11
to play-framework
Hi,
The Google's data you're requesting on behalf of the user through
OAuth are specified by the "scope" parameter, which can have multiple
values, separated by a space (properly encoded).
The scope "https://www.googleapis.com/auth/userinfo.email" gives you
user email.
The scope "https://www.googleapis.com/auth/userinfo.profile" gives you
user profile, i.e firstName, lastName, birthday, location, ...
The scope "https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile" gives you both, etc.
I also find difficult to get information about available scopes :
Google seems to lack of a proper reference (which is lame).
By the way, I switched to Scribe (https://github.com/fernandezpablo85/
scribe-java) to handle OAuth in a more extensible way in my Play app
(Play libraries are super easy, but not so open to extensions, in
OAuth and on other subjects).
Scribe doesn't support natively Google's OAuth2 in the current version
(it will soon come officialy), but you can make already make it work
through some simple hacking (https://github.com/fernandezpablo85/
scribe-java/pull/176)
Cyril.
Reply all
Reply to author
Forward
0 new messages