I'm trying to get my access token in OAuth2 so that I can access the Google Calendar API. Everywhere I look it says that i'm supposed to pass in a 'grant_type' that is equal to refresh_token but I keep getting the error
"undefined local variable or method `refresh_token' for # Did you mean? real_csrf_token"
So somewhere a long the line my 'refresh_token' is not being set. Please
events_controller.rb
auth = Signet::OAuth2::Client.new(
access_type: 'offline',
token_credential_uri: 'https://accounts.google.com/o/oauth2/token',
client_id: ENV['GOOGLE_CLIENT_ID'],
client_secret: ENV['GOOGLE_SECRET_KEY'],
grant_type: refresh_token
)
auth.fetch_access_token!
Also, I have an omniauth initializer file, which is where I believe i'm missing my opportunity to grab the access token and refresh token.
config/initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_SECRET_KEY'],
{
scope: ['https://www.googleapis.com/auth/calendar', 'https://www.googleapis.com/auth/plus.login'],
skip_jwt: true
}
end
Any help is appreciated!
The documentation is telling you to pass a grant_type of 'refresh_token'. That's a string.
Related
I am using omniauth-google-oauth2 with branch: 'v0.2.10' for below mentioned scopes in code
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, APP_CONFIG['google_oauth2']['client_id'], APP_CONFIG['google_oauth2']['client_secret'], {
access_type: 'offline',
scope: 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/calendar',
redirect_uri: "#{APP_CONFIG['site_url']}auth/google_oauth2/callback",
skip_jwt: true,
prompt: 'consent',
provider_ignores_state: true
}
end
But when i try to sync calendar, it gives me invalid_credential error as below
auth/failure?message=invalid_credential?...
No more details available in response.
Please suggest me if i am doing anything wrong.
Does the APP_CONFIG['site_url'] come with slash in the end or not?
anyway i thank it most be like that:
#{APP_CONFIG['site_url']}/auth/google_oauth2/callback
instead of : #{APP_CONFIG['site_url']}auth/google_oauth2/callback
I have an app which syncs to OneDrive. If the user is using Office365 via GoDaddy and I have a grant_type of 'refresh_token', it doesn't return the refresh_token back, which in turn, won't let me refresh the token I currently have. I've tried adding access_type="offline" and prompt="consent" when doing a POST request to no avail. Help?
Here's my code:
credentials = OpenStruct.new
params = {
client_id: client_credentials[:key],
redirect_uri: redirect_url,
client_secret: client_credentials[:secret],
refresh_token: refresh_token,
grant_type: 'refresh_token',
resource: resource_id,
access_type: 'offline',
prompt: 'consent'
}
RestClient.post(client.token_url, params) # doesn't return refresh_token
Based on the request, it seems you were refresh the token. Based on the OAuth 2.0 code grant flow, there is no parameter about access_type and prompt. You can refer below for the support parameter:
And here is the post for your reference:
POST /{tenant}/oauth2/token HTTP/1.1
Host: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
&grant_type=refresh_token
&resource=https%3A%2F%2Fservice.contoso.com%2F
&client_secret=JqQX2PNo9bpM0uEihUPzyrh
I'm using the google-api-ruby-client gem in rails.
In the examples I found an example to load GooglePlus data:
client = Google::Apis::PlusV1::PlusService.new
client.key = ENV['GOOGLE_CLIENT_ID']
client.authorization = authorization
I have already obtained both refresh_token and the auth_token with another method (using devise oauth).
How can I generate the authorization object, starting from the tokens I have?
You can create the authorization object by instantiate a new UserRefreshCredentials like this:
authorization = Google::Auth::UserRefreshCredentials.new(
client_id: GOOGLE_CLIENT_ID
client_secret: GOOGLE_CLIENT_SECRET
scope: GOOGLE_SCOPE,
access_token: YOUR_AUTH_TOKEN,
refresh_token: YOUR_REFRESH_TOKEN,
expires_at: YOUR_EXPIRE_AT_TIMESTAMP,
grant_type: 'authorization_code')
First, the context: I'm writing a little web app to do some custom Google Analytics reporting for me.
In my Gemfile:
gem 'omniauth'
gem 'omniauth-google-oauth2'
In my config/initializers/omniauth.rb:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV["GOOGLE_KEY"], ENV["GOOGLE_SECRET"]
{
:scope => "userinfo.email,userinfo.profile,analytics.readonly",
:approval_prompt => "auto"
}
end
When I get to the auth screen on google, it's only asking me for userinfo.email and userinfo.profile permissions, and nothing for analytics.readonly.
Looking at the URL when I'm auth'ing, I can see that it's only requesting the first two permissions. If I manually add the analytics permission, it grants the correct permissions. So, I've narrowed the issue down to
How I'm passing scope to the omniauth-google-oauth2 strategy, or
How the strategy is handling/ignoring the scope hash.
Also, I have double-checked that the Analytics API is turned on for my OAuth keys in the Google API Console.
Poorly formatted code, I was missing a comma after ENV["GOOGLE_SECRET"]. Below is the fixed code.
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV["GOOGLE_KEY"], ENV["GOOGLE_SECRET"],
{
:scope => "userinfo.email,userinfo.profile,analytics.readonly",
:approval_prompt => "auto"
}
end
I have set this in the initializer
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook , 'app' , 'secret' , {:scope => "manage_pages"}
end
And I have saved the token in User model after the callback.
How do I use the token to request for https://graph.facebook.com/${current_user.uid}/accounts?
With the Facebook ID you can query the Facebook Graph. Have a look at fb_graph gem: https://github.com/nov/fb_graph, it is a Facebook API wrapper.