newbie question: coulnd not get google access token?

[maliky]

Hello (bonjour),

I'm not a developper but hopefully I have a small git account.

I am running moodle stable release 2.5.1 and installed OAuth2 about 2 month ago.

What I did

• I'm interested by google and facebook services so I did create dev account. Also I filled in the client ID & secret in the plugin's settings. (copy paste to be sure)
• read most documentation I could get on the plugin (first the readme file)
• checked that I was not trying to connect with an existing account.
• checked my client ID and secret ;
• changed http to https in the api console for google.
• posted in moodle forum (no reply)
• reinstalled the plugin
• waited, tryed again...

  What I did not do:

• extensively checked the code.
• have a similar plugingwork else where. I'm a newbie
• and many other things... :o)

  The error:

  With google

I get the following error message after clicking the google button. and entering a valid login/pwd.

The authentication provider sent us a communication error. Please try to sign-in again."

My problem could come from bash pauth.php:392: throw new moodle_exception('couldnotgetgoogleaccesstoken', 'auth_googleoauth2');

With Facebook:

• I enter a login/pwd
• I accept to give info to the plugin Then I get the same error as with google.

I need your help Thank you

Quefaire?

[mouneyrac]

Hi Maliky, this line does the curl call to retrieve the access token for Google and Facebook: https://github.com/mouneyrac/moodle-auth_googleoauth2/blob/master/auth.php#L160 Display the return value to see what is the Google/Facebook error. It should help you.

[maliky]

How do I display the return value of the curl call. I tried with some echos in the auth.php but nothing.

[maliky]

Ok, I managed to have a gmail account created with moodle-auth_googleoauth2. The problem may have been a space entered after the redirection url.

But now the account was created a first time with an error with the same error message as previously. I thought I was not really connected. But thinking harder, I checked the list of users and found the new account. I deleted it to try again, and cannot connect the second time. The second time I get a new error message tell me that my email may not be verified. I checked in google. It is. This second time, I'm not connecting to moodle and I am not creating a new account.

Since my first trials, google change there API interface.

??

[maliky]

I cleared my browser cache, and I am back to issue one. could it be a problem with my host? bluehost shared environment? here the website edu.kone.ci

[maliky]

Ok, I turned on debugging mode. here is a more detailed error message

---

Debug info: Error code: couldnotgetgoogleaccesstoken Stack trace:

line 392 of /auth/googleoauth2/auth.php: moodle_exception thrown
line 88 of /login/index.php: call to auth_plugin_googleoauth2->loginpage_hook()

Output buffer: google?
Notice: Trying to get property of non-object in ..../auth/googleoauth2/auth.php on line 166

---

I give up for now .... I don't understand why I get different errors messages and why I can't reproduce a specific error.

• I have cleared my cache
• refresh the pages
• checked the client id and secret
• reinstalled the plugin from the git master
• registered my domain with google
• created a new client id and secret.
• tryed to have the curl value printed....
• read some info about https://developers.google.com/accounts/docs/OAuth2WebServer

What I did not do:

• use curl on command line to debug.
• and many other things....

What I find strange:

• In the &scope=https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email Some time the + is written "+" sometimes "%20". The time I managed to connect it was a "+" and not a "%20"
• Also why is it only the '+' that's been transliterated and not also the '/', ':' as in google's example?

[maliky]

If I cannot get help here where will I get help to make this module work? I have been trying for more than 2 months now.

[mouneyrac]

Hi Maliky, your alternative solutions are Moodle forums (https://moodle.org/mod/forum/view.php?id=44) or Moodle partners (http://moodle.com/partners/).

• %20 is a space not a +. Did you mean %2B in a different url?
• It is clearly not normal that the exact same place (I'm not sure what + you are talking about) is + sometimes and %2B. But from what I read I'm guessing you must be confuse somewhere (it's not a blame, just a notice, it's already nice from you to go into the code for a non developer :))
• a simple url encoding explanation can be found there: http://www.w3schools.com/tags/ref_urlencode.asp

To summary it's not going to be easy to find your issue without accessing your server. I don't have too many clues yet.

[mouneyrac]

Look at my demo site: http://moodleitandme.com/stable_master_demo

Here you can see how the first url contacting google is formatted: https://accounts.google.com/o/oauth2/auth?client_id=175392197893-ih0hkf0stvhg40193s3vbrv22m422mm4.apps.googleusercontent.com&redirect_uri=http://moodleitandme.com/stable_master_demo/auth/googleoauth2/google_redirect.php&scope=https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email&response_type=code

[mouneyrac]

If you can't give access to your server can you at least give your site address that we can try?

[maliky]

Hello Mouneyrac, your comments are encouraging thanks. I think my the problem comes from the way I declare my app in google or facebook and not from you plugin. I tried connecting on the stable master demo and no surprised. It worked.

As for my confusion between %2B space and + It may be linked to the rewriting rule of google. I understand that urls are passed as argument in the url so in some places, rewriting a + to a %2B or a space to a %20 is necessary.

my moodle website edu.kone.ci

[mouneyrac]

Salut, il me parait etrange ton numero de client_id: 19921223337.apps.googleusercontent.com https://accounts.google.com/o/oauth2/auth?client_id=19921223337.apps.googleusercontent.com&redirect_uri=http://edu.kone.ci/auth/googleoauth2/google_redirect.php&scope=https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email&response_type=code

Le mien c'est: 175392197893-ih0hkf0stvhg40193s3vbrv22m422mm4.apps.googleusercontent.com https://accounts.google.com/o/oauth2/auth?client_id=175392197893-ih0hkf0stvhg40193s3vbrv22m422mm4.apps.googleusercontent.com&redirect_uri=http://moodleitandme.com/stable_master_demo/auth/googleoauth2/google_redirect.php&scope=https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email&response_type=code

Verifie que tu rentres bien le bon client/app id and secret.

Jerome

PS: j'ai efface tes identifiants de ton post.

[maliky]

Ok merci....

Oui, je me perds dans les services google. Je commence à saisir qu'il y a un différence entre les API et les Apps.

Les codes que j'utilise pour le module sont ceux pris depuis cloud.google.com/console. J'ai créer un projet puis "I registered a new App" pour laquelle j'ai fournis les urls de redirection. ensuit j'ai générer de nouveau identifiant "client/app id" et c'est ceux que j'ai mis dans le module.

Maintenant, je vois un service Apps payant de google qui m'a l'air différents des api. J'essaye d'y souscrire pour mon école mais la vérification du domaine ne sera pas faite avant demain. Peux tu me dire si c'est nécessaire de souscrire à ce service App "payant" de google?

[maliky]

J'avais aussi vu qu'il fallait vérifier le domaine avec google. Je l'ai fait pour le sous domaine edu.kone.ci mais pas pour kone.ci.. j'essaye ça.

[maliky]

mon identifiant client est similaire à celui donné en example ici ( https://developers.google.com/accounts/docs/OAuth2WebServer) mais j'aimerai bien avoir un truc qui ressemble plutôt au tien :o) Comment faire?

[maliky]

It worked a second time. I used another google account to generate a client id/ secrete like more like yours. and Bingo. I'll try again...
thx.

[maliky]

what does your facebook client id looks like?

[maliky]

dammed, I deloged and relog using the plugin button. I use the same gmail adress (the account has been created just previously) and patatrac ! couldnotgetaccesstoken.

See you later.

[maliky]

Something I don't get is that I have the same error : "could not get google access token" even when I try to connect with facebook.

[maliky]

Is there something to do with json? I see call to json_decode and on the google console they proposed to download it. I didn't because I didn't think it was necessary.

[mouneyrac]

No everything should work if you enter the correct information. I'll go through the all processes again to detect what help could be useful. I'll also have a look how Google Cloud changed compared to instruction I'm mentioning in the administration settings. But I will only do that later, I don't have much time right now. I hope you'll find out how to set it up in the meanwhile. If you do and think anything should be mentioned in the instruction let me know :)

[maliky]

Une fresh install avec rien d'autre que le plugin oauth2 installé activé, configuré
le code pour afficher les bouttons ajoutés en bas de login/index.php un secret régénéré avec les nouvelles uri de redirections et idem..

Debug info: Error code: couldnotgetgoogleaccesstoken Stack trace: •line 392 of /auth/googleoauth2/auth.php: moodle_exception thrown •line 88 of /login/index.php: call to auth_plugin_googleoauth2->loginpage_hook()

Le JSON n'a rien à voir avec mon problème. Alors c'est peut être un problème avec mon hébergeur, bluehost? Ce qui m'étonne c'est d'avoir réussi à me connecté et puis ensuite non. Est ce que mon IP n'est pas blacklisté par un service parce que je suis en Côte d'Ivoire. Comment savoir?

Je cherche encore et encore car j'aimerais que mes élèves d'un collège de math au système français, se connectent en utilisant leur identifiant facebook, hotmail ou gmail. Mais ce n'est pas facile.... foup..

[maliky]

S'il te plait donne moi le baba du débogage sur moodle. tu parlais d'afficher la variable $curl mais jusqu'a présent je ne vois pas comment faire. echo $curl ne me donne rien. Y a t il une fonction spécifique à appeler?

[maliky]

OK four months later, I found a checkbox on my host (bluehost) that I needed to check to enable oauth.so in my php.ini file.

I got some improvement. I am now able to login with new google account... but only once.

In the mean time I installed moodle 2.6 and googleauth on ovh and had them running smoothly. Several login with the same google account.

Therefore I think my issue has to do with some configuration of my main host (bluehost). If you have an idea let me know I am still struggling

Thanks

[maliky]

strugling still, cheking bluehost config and moodle requirements

[mouneyrac]

I am closing this issue as no progress have been done for a long time. However note that I added some debug info for the error couldnotgetgoogleaccesstoken. Turn on the debug mode in Moodle and there should me more information in the debug info part of the error. If you detect something wrong with the plugin, please open a new issue, this one is a bit overcrowed by messages and it's hard to read now. Thanks.