search

pow-auth / pow_assent

Multi-provider authentication for your Pow enabled app
https://powauth.com
MIT License
321 stars 50 forks source link

Unauthorized token Exception when login with Google Strategy and authorization_params #172

Closed Ciboulette closed 4 years ago

Ciboulette commented 4 years ago

Hello I have successfully managed to login with Google Strategy without authorization_params.

But now I would like to add some for my app, here's my config:

config :my_app, :pow_assent,
  providers: [
    google: [
      client_id: "CLIENT_ID",
      client_secret: "SECRET_CLIENT",
      authorization_params: [scope: "https://www.googleapis.com/auth/calendar.events"],
      strategy: Assent.Strategy.Google
    ]
  ]

When I tried to login, it asks for the permissions for calendar etc and throw the following exception:

GET /auth/google/callback?state=e64c77475bfe165c2bc4f4b566cffeb15891f2ac7526c341&code=4%2FzgERzbI_bxEPXoJe3aH9D_BPkEf-eWjP1v3d_F9wthT75ev6rRi399-VJrMHk8u0o6oNgQpsn1tII0ULru2pZiQ&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.events
** (exit) an exception was raised:
    ** (Assent.RequestError) Unauthorized token
        (pow_assent 0.4.7) lib/pow_assent/phoenix/controllers/authorization_controller.ex:207: PowAssent.Phoenix.AuthorizationController.handle_strategy_error/1
        (pow_assent 0.4.7) lib/pow_assent/phoenix/controllers/authorization_controller.ex:1: PowAssent.Phoenix.AuthorizationController.action/2
        (pow_assent 0.4.7) lib/pow_assent/phoenix/controllers/authorization_controller.ex:1: PowAssent.Phoenix.AuthorizationController.phoenix_controller_pipeline/2
        (phoenix 1.5.1) lib/phoenix/router.ex:352: Phoenix.Router.__call__/2
        (spotify_calendar 0.1.0) lib/spotify_calendar_web/endpoint.ex:1: SpotifyCalendarWeb.Endpoint.plug_builder_call/2
        (spotify_calendar 0.1.0) lib/plug/debugger.ex:132: SpotifyCalendarWeb.Endpoint."call (overridable 3)"/2
        (spotify_calendar 0.1.0) lib/spotify_calendar_web/endpoint.ex:1: SpotifyCalendarWeb.Endpoint.call/2
        (phoenix 1.5.1) lib/phoenix/endpoint/cowboy2_handler.ex:64: Phoenix.Endpoint.Cowboy2Handler.init/4
        (cowboy 2.7.0) /Users/louiscibot/code/spotify_calendar/deps/cowboy/src/cowboy_handler.erl:41: :cowboy_handler.execute/2
        (cowboy 2.7.0) /Users/louiscibot/code/spotify_calendar/deps/cowboy/src/cowboy_stream_h.erl:320: :cowboy_stream_h.execute/3
        (cowboy 2.7.0) /Users/louiscibot/code/spotify_calendar/deps/cowboy/src/cowboy_stream_h.erl:302: :cowboy_stream_h.request_process/3 
        (stdlib 3.12.1) proc_lib.erl:249: :proc_lib.init_p_do_apply/3

Am I missing something from the docs? I think we could add a real world example with authorization_params

danschultzer commented 4 years ago

The error is cryptic, but the authorization params are missing the userinfo scopes:

config :my_app, :pow_assent,
  providers: [
    google: [
      client_id: "CLIENT_ID",
      client_secret: "SECRET_CLIENT",
      authorization_params: [scope: "https://www.googleapis.com/auth/calendar.events https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"],
      strategy: Assent.Strategy.Google
    ]
  ]

I think that's why reason you got this error.

Ciboulette commented 4 years ago

Damn you're right! Thank you! it works!