12

I try to use Google oauth to authenticate users on my android app. Then I would like to send it to my app server so it can connect at any time with Google calendar.

I tried to use GoogleAuthUtil.getToken(getApplicationContext(), mAccountName, mScope);

Following this article: https://developers.google.com/accounts/docs/CrossClientAuth

When I use it with scope mScope = "oauth2:https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"; I get a token, which is valid for an hour

But when I try to get an authorization code (so I can get a refresh token that is valid for longer time, using mScope2 ="oauth2:server:client_id:{CLIENT_ID}.apps.googleusercontent.com"+ ":api_scope:https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile";

I receive either "invalid_scope" or "Unknown" exceptions.

What am I doing wrong?

EDIT: OK, After creating a new app on google API console and adding plus.login to the scope I get a code, but for some reason my server can't resolve this token. When tying to resolve server gets an error about the redirection URL. BTW, When I do the web flow with same parameters it works.

Improve this question

4 Answers 4

Reset to default
11

OK, found the solution, I expected Google to have a lot better documentation about working with Google Oauth and Android. A few things you have to know to work with Android and offline token

  1. When you create google Client ID Don't create a service application before you create a web application

  2. Must include https://www.googleapis.com/auth/plus.login in your scope

  3. The weirdest, to resolve the one time authorization code on my server, I had to use the redirection URL from the Android client ID details (which doesn't even look like a url) and not from the Web client details on Google API console.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Do you have your code posted anywhere by any chance (Github etc.)? I'm getting the Unknown exception and it's driving me absolutely insane I don't know what to try anymore...
Thank you very much. The third step actually is important. I was stuck whole day thinking what was wrong with my request and Google really should work more on providing good documentation.
Could you better explain the third step? Maybe give some direct urls to the (ugly) Google API console page.
0

That scope string is only documented to work when passed to GoogleAuthUtil(), see http://developer.android.com/reference/com/google/android/gms/auth/GoogleAuthUtil.html, on Android. But it would be cool if it worked on iOS too; our infrastructure there is a little behind where we’re at on Android.

Improve this answer

Comments

0

I have had the same issue then i realised that my app is not published and is in debug mode, so i had to add test users to the Google project -> Consent Screen, then i was able to fetch the token for the added test user.

enter image description here

Improve this answer

Comments

-1

You just need to follow the correct steps/format for specifying the scopes. Find them here https://developers.google.com/android/guides/http-auth#SpecifyingScopes

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.