burzum34
commented
5 years ago I have the same problem, and it looks like Goth assumes that Google always includes the expires_in attribute in the response, which does not seem to be the case.
Closed ebjerkelund closed 3 years ago
burzum34
commented
5 years ago I have the same problem, and it looks like Goth assumes that Google always includes the expires_in attribute in the response, which does not seem to be the case.
peburrows
commented
5 years ago I think the issue here is the scope for which you are requesting a token. The scopes Goth expects are the ones listed in this doc: https://developers.google.com/identity/protocols/googlescopes, whereas it looks like you're passing in an email address as the scope. I would expect such a request to fail outright, but apparently it does indeed generate a token response, but not in the shape we're expecting.
Try correcting your scope and let me know if you're still seeing this issue.
wojtekmach
commented
3 years ago If this ever happens again, fwiw we'd have a slightly better error message as we're pattern matching [1], and if it's a common enough error, we could improve the message even further.
I am getting results from the token request that is not parseable by Goth.
dev.exs: config :goth, json: "./xxxxxxxxxxx.json" |> File.read!
Code: {:ok, token} = Token.for_scope("xxxxxxxxxxxxxxxx@appspot.gserviceaccount.com")
returns: ** (ArithmeticError) bad argument in arithmetic expression :erlang.+(1558592257, nil) lib/goth/token.ex:117: Goth.Token.from_response_json/3
Problem seems to be in token.ex where it is trying to parse the attributes of the returned JSON. When I inspect the JSON returned it looks like a JWT token. %{ "id_token" => "eyJhbGciOiJSUzI1NiIsImtpZCI6IjJjM2ZhYzE2YjczZmM4NDhkNDI2ZDVhMjI1YWM4MmJjMWMwMmFlZmQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhdWQiOiJzbmFwcHktc3RhY2tlci01NThAYXBwc3BvdC5nc2VydmljZWFjY291bnQuY29tIiwiYXpwIjoic25hcHB5LXN0YWNrZXItNTU4QGFwcHNwb3QuZ3NlcnZpY2VhY2NvdW50LmNvbSIsInN1YiI6IjEwNTA4OTc0ODgyNzQxNjE1NjU5NSIsImVtYWlsIjoic25hcHB5LXN0YWNrZXItNTU4QGFwcHNwb3QuZ3NlcnZpY2VhY2NvdW50LmNvbSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpYXQiOjE1NTg1OTIyNTcsImV4cCI6MTU1ODU5NTg1N30.Wbzpj8X5g11pfTSeFOFqqkq8HmDzO3ojVL2GXYkP4oeDACg5GlFXCxw9mJPzLs0tQgkPXPKgunJKaAlTDzSXUUa4mbz9eCKz_uFm5S90lbwfYN0zGd0wkawjXYk6pMsgAU4K9Mg4R6p4u-PdVYxBzUBKQLpirN3MmLGvlLnss6-e12njHaVjN-PVJE9RiGsq66UdPlJTz4phQH6jARD9kgvSMV6ufrlscS93_09A3JMJqKjUi1LtlduRcWEftmsze1fQ4LfAiKbJTh7IBF6h4kJQCFUkG9-yI6YO9CpFLTKAInODB-RtApSeWU9F71ibqNpax_r4UhO_oEOeG4SAqg" }
When I decode that assuming it is a JWT token, I get: %{ "aud" => "xxxxxxxxxxxxxx@appspot.gserviceaccount.com", "azp" => "xxxxxxxxxxxxxx@appspot.gserviceaccount.com", "email" => "xxxxxxxxxxxxxx@appspot.gserviceaccount.com", "email_verified" => true, "exp" => 1558596508, "iat" => 1558592908, "iss" => "https://accounts.google.com", "sub" => "105089748827416156595" }
None of those attributes are the ones expected by goth (access_token, token_type, expires_in).
Am I doing something wrong?