Which OAuth Credentials in Google?

iloire / watchmen

A simple node.js service monitor

MIT License

941 stars 199 forks source link

Which OAuth Credentials in Google? #79

Open jwulf opened 7 years ago

jwulf commented 7 years ago

The docs say:

You will also need to set the Google client ID and secret using env variables accordingly. (Login into https://console.developers.google.com/ to create them first)

Can you give some more details on this? On Google there are several types of OAuth credentials (web browser / web server || access your data / access users' data) and a bunch of different parameters (origin URL || redirect URL).

I read in another issue that you need to enable the Google+ API, so I did that; then generated a couple of different credentials for OAuth. They all result in an error.

jwulf commented 7 years ago

When I step through their wizard and say that I'm looking for credentials to allow a web browser || web server access a user's data via the Google+ API, it tells me that I have credentials already for both of those scenarios.

When I use either of those credentials with watchmen, Google gives me a 401 error, with the client key on the screen, like this:

401. That’s an error.

Error: invalid_client

The OAuth client was not found.

Request Details
response_type=code
redirect_uri=http://watcher.magikcraft.io/auth/google/callback
scope=https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
client_id='672769544416-45vu7vkkqtqbpv1p1ompcfjrt9smgmpv.apps.googleusercontent.com'
That’s all we know.

rinderschwein commented 7 years ago

Same problem here, @jwulf have you found a solution?

DigitalSquid commented 7 years ago

Here's a rough guide based on what I did to get it working:

Go to Google's API Console: https://console.developers.google.com
Create a new Project if you need to, or select an existing one
Go to the Dashboard option in the left menu
Select the Enable API option and enable the Google+ API
Go to the Credentials option in the left menu
Hit the Create Credentials button and select the OAuth client ID option
You should be prompted to configure the Consent Screen - just requires an email address and project name to work
Then configure the app. I was running it as a web service so picked Web Application
I'm running it locally for now so under the restrictions I added http://localhost:3000 as the origin URI and http://localhost:3000/auth/google/callback as the redirect URI

That should get you the Client ID and the Client Secret to put in the config files. I also added a Google Analytics ID to the config files, which you can get from a Google Analytics account

dnx2k commented 7 years ago

Couple of thoughts:

For me it was necessary to remove all quotes in env file, so it will be just: WATCHMEN_BASE_URL=http://localhost:3000 WATCHMEN_WEB_PORT=3000 ... as well as Google keys. Otherwise this quotes remains in auth query and it will fail.
There are deprecated options scope: 'https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile' it needs to be replaced with scope: 'email profile' in webserver/routes/web-auth-route.js
You need to enable Google + API in your console otherwise auth will fail (as 0f 2017)