parse error: asn1: syntax error: sequence truncated

[gu1113]

Hello im trying to fetch a google api token for the postmaster tools but i have some errors using the script;

using it directly with the credentials.json download from the google console i have received;

$ ./oauth2l fetch --credentials credentials.json --scope postmaster.readonly missing 'type' field in credentials $

Adding "type":"service_account","web" to the json file the error have changed for the following;

$ ./oauth2l fetch --credentials credentials.json --scope postmaster.readonly private key should be a PEM or plain PKCS1 or PKCS8; parse error: asn1: syntax error: sequence truncated $

Whats about is the last one related ?,

Thanks

[andyrzhao]

Hi there, it sounds like you have a malformed credentials.json and possibly mixing and matching client id credentials with service account credentials. Also, you should never have to hand-edit fields in the credentials. Can you tell me what the original credentials.json looked like (i.e. all the fields it had). Don't share the values. Thanks!

[gu1113]

Hello andy , thanks for your reply!

here you are my downloaded untouched json credential file;

$ cat client_secret_588412352642-jv7lchcip7oq13b58udqvXXXXXXXXXXXXX.apps.googleusercontent.com.json | json_pp { "web" : { "client_secret" : "GOCSPX-7umgRkXwWha358sP5XXXXXXXXXX", "client_id" : "588412352642-jv7lchcip7oq13b58udqXXXXXXXXXXXX.apps.googleusercontent.com", "token_uri" : "https://oauth2.googleapis.com/token", "auth_uri" : "https://accounts.google.com/o/oauth2/auth", "auth_provider_x509_cert_url" : "https://www.googleapis.com/oauth2/v1/certs", "project_id" : "annular-text-341115" } } $

$ ./oauth2l fetch --credentials client_secret_588412352642-jv7lchcip7oq13b58udqvXXXXXXXXXXXXX.apps.googleusercontent.com.json --scope postmaster.readonly missing 'type' field in credentials $

[andyrzhao]

Hi there, so it looks like you are trying to work with a client id credentials file - what is strange is that oauth2l doesn't recognize it, possibly because your credentials file does not have "redirect_uris" field which is needed for the 3LO flow. Can you try creating a new credentials file and selecting "Desktop" instead of "web" for generating the credentials file? We will try to repro your issue on our end in the meantime.

[gu1113]

Thanks again for you reply andy.

I created a new credentials pair using desktop as app type, and seems it advanced properly, i received;

$./oauth2l fetch --credentials credentials.json --scope=postmaster.readonly Your browser could not be opened to visit:

https://accounts.google.com/o/oauth2/auth?client_id=588412352642-jpnutc2stgcd73adrjd1XXXXXXXqppop.apps.googleusercontent.com&code_challenge=CwYKVVRSCyEqBV5ibhTR2yk2tVuQlS7XXrXXXXXXXXX&code_challenge_method=S256&redirect_uri=http%3A%2F%2Flocalhost%3A45495&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fpostmaster.readonly&state=state $

Now i have to figure out whats its the browser message related, and get my auth token. :-)

[ulisesL]

Hi gu1113, going back to the "redirect_uris" missing in the credentials file, did you provide values for "Authorized Javascript origins" and "Authorized redirect URIs" when creating the web client in GCP? Thanks!

[gu1113]

Hi @ulisesL , thanks for you reply!, i did not complete those files because im trying to get the auth token to use the google postmaster api not sure which fields i should use.

[ulisesL]

No problem! When creating "web" client credentials, please provide the "Authorized Javascript origins" and "Authorized redirect URIs" fields in the GCP UI. "Authorized redirect URIs" is needed for the 3LO flow as @andyrzhao pointed out. Missing this field will result in the error described in your 1st post.

[ulisesL]

Hi @gu1113, Re: Your browser could not be opened to visit:, would you mind sharing what OS and default browser you are using?