nguyentientoan / socialauth-net

Automatically exported from code.google.com/p/socialauth-net
0 stars 0 forks source link

GoogleWrapper Custom ScopeLevel with no AdditionalScopes is rejected by Google. #197

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Add ScopeLevel CUSTOM to GoogleWrapper and no AdditionalScopes
<add WrapperName="GoogleWrapper" ScopeLevel="CUSTOM" 
ConsumerKey="xxxxxxxxxxxxxxxxx.apps.googleusercontent.com" 
ConsumerSecret="xxxxxxxxxxxxxxxxxxxx" />

What is the expected output? What do you see instead?
Expected that a login with only the user.profile scope would be made, instead 
Google produces an error page saying the "scope" attribute is missing. Error: 
invalid_request Missing required parameter: scope. If I add "profile" to 
AdditionalScopes, the expected login is executed with only the profile scope, 
only then the socialauth/validate.sauth?code=XXXXXXXXXX page throws a 
NullReferenceException. see below.

What version of the product are you using? On what operating system?
v2.4 Windows

Please provide any additional information below.

[NullReferenceException: Object reference not set to an instance of an object.]
   Brickred.SocialAuth.NET.Core.QueryParameters.get_Item(String key) +155
   Brickred.SocialAuth.NET.Core.Wrappers.GoogleWrapper.GetProfile() +1152
   Brickred.SocialAuth.NET.Core.BusinessObjects.SocialAuthUser.SetUserAsLoggedIn() +103
   Brickred.SocialAuth.NET.Core.BusinessObjects.SocialAuthUser.OnAuthneticationProcessCompleted(Boolean isSuccess, Token token) +55
   Brickred.SocialAuth.NET.Core.OAuth2_0server.LoginCallback(QueryParameters responseCollection, Action`2 AuthenticationCompletionHandler) +144
   Brickred.SocialAuth.NET.Core.Provider.LoginCallback(QueryParameters responseCollection, Action`2 AuthenticationHandler) +107
   Brickred.SocialAuth.NET.Core.BusinessObjects.SocialAuthUser.LoginCallback(String response) +467
   Brickred.SocialAuth.NET.Core.CallbackHandler.ProcessRequest(HttpContext context) +998
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +341
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69

Original issue reported on code.google.com by bshtmich...@gmail.com on 5 Jan 2014 at 6:16

GoogleCodeExporter commented 8 years ago

Original comment by deepak.a...@3pillarglobal.com on 6 Jan 2014 at 6:02

GoogleCodeExporter commented 8 years ago
Google OAuth 2.0 version has mandatory requirement for passing scope. If you 
want basic  login then besides setting ScopeLevel="CUSTOM", you'd need to pass 
https://www.googleapis.com/auth/userinfo.profile (This worked for me)

However, if I instead pass "https://www.googleapis.com/auth/userinfo.email", 
which only gets the email of user, it failed with error you've mentioned.

I've fixed this issue in YahooWrapper.cs. You may either wait for next download 
or get this file from repository for fix.

Note: You need to pass both of the above as scopes (separated by a space) if 
you want profile + email.

Original comment by deepak.a...@3pillarglobal.com on 6 Jan 2014 at 2:09

GoogleCodeExporter commented 8 years ago
Your suggestion works also for me and that is what I am going to use from now 
on. Thank you! Indeed I do have a similar issue in the YahooWrapper (didn't 
report it yet, but now you found it yourself). I'll wait for the next release 
for the YahooWrapper to be updated. Thanks again.

Original comment by bshtmich...@gmail.com on 6 Jan 2014 at 7:38