search

googlearchive / realtime-playground

Google Drive Realtime API Playground helps you to try out the features of the Realtime API
https://realtimeplayground.appspot.com/
Apache License 2.0
241 stars 114 forks source link

When authenticating, I get a 404 error when user_id is included in the gapi.auth.authorize call #4

Closed afiedler closed 11 years ago

afiedler commented 11 years ago

When I run this myself, I'm getting a 404 response when authenticating with the Google APIs for Javascript call to gapi.auth.authorize call. This is in realtime-client-utils.js:

  // Try with no popups first.
  gapi.auth.authorize({
    client_id: clientId,
    scope: [
      rtclient.INSTALL_SCOPE,
      rtclient.FILE_SCOPE,
      rtclient.OPENID_SCOPE
    ],
    user_id: userId,
    immediate: true
  }, handleAuthResult);

Right after this call, there is a GET (after OAuth redirects) to: https://accounts.google.com/o/oauth2/postmessage#state=362726323%7C0.3380328609&error=invalid_user&error_description=Invalid+email+address:+112056485114257598025/

That returns a 404, and app never opens the Google Drive file.

When I comment out the user_id field here, the authentication succeeds and the app seems to work fine. I tried to debug this, but the user_id field is not included in the developer documentation (https://developers.google.com/api-client-library/javascript/reference/referencedocs#gapiauthauthorize), so I have no idea what its really doing.

Does this field serve a purpose? Can it be removed safely to prevent this error?

nicolasgarnier commented 11 years ago

Hey Andy,

You webserver seems to be adding a trailing slash '/' at the end of the URL which screws up the userID param. Then because of a bug in our OAuth 2 servers this fails instead of being gracefully handled by the OAuth Javascript client library (I filed the bug internally).

Python's simple server is pretty broken in this regard.

Please host this on a better webserver. App Engine works well for this but you can also use: twistd -n web --path=.

nicolasgarnier commented 11 years ago

By the way this field's purpose is to gracefully handle users who are signed-in multiple accounts. It's a URL parameter that can be used on our OAuth 2 authorization endpoint to specify which account to automatically choose if multiple are signed-in.

afiedler commented 11 years ago

Thanks Nicolas for such a fast response!

nicolasgarnier commented 11 years ago

Oh and our README is missing lots of information and setup steps. Sorry: it was written in a rush :) We'll be improving it in the next fews days!

ghost commented 11 years ago

The shared library had to do with a poor char set problem that is now fixed thanks you, Nicolas. I am new here to git hub. I am not sure if I have merged branches or what is the proper etiquette here. Please contact me anytime if you think I could use more pointers or want to collab on any future projects!

Thank you!