Google+ Sign-in problem

[kamikaze]

When trying to login, I'm getting this from google:

1. That’s an error.

Error: invalid_scope

Some requested scopes were invalid. {valid=[https://www.googleapis.com/auth/userinfo.email], invalid=[plus.login]}

[omab]

Google OAuth2?

[kamikaze]

social.backends.google.GooglePlusAuth

[AndrewJHart]

I typically don't post to issues but I've been working for several hours to no avail with a consistent response of invalid scope using the GooglePlusAuth and always 403 Forbidden on GoogleOAuth2.

I will post the stack trace if needed -

Thx

[AndrewJHart]

@kamikaze @omab If you remove the plus.login scope it will authenticate the app for the GooglePlusAuth, however I still end with a 403 Client Error: Forbidden response.

I must be missing something simple at this point -- please help?

[bettsmatt]

I am having the same issues. I have updated and deployed the fix from e352518 but requests continue to come back as 403.

Any progress on fixing this issue?

[AndrewJHart]

Just a note - tests on this are failing for me as well.

However, from what I can gather (ergo my reason for being hesitant to post), if the HTTP response is a 403 then isn't that indicative of some kind of issue/requirement e.g. permissions on google's end??

But I have followed advice from many various sources in an attempt to remedy the issue by adjusting permissions, etc.. on the google app acct and I still get a 403 Forbidden every time.

So I'm wondering if this issue has something to do with python-social-auth.

Thanks - any help or direction would be awesome.

[bettsmatt]

I took a closer look at the error I was having.
Turns out it was a problem with the API's we had enabled in the Google Developer Console.

Google Oauth2 is authenticating correctly and returning a valid access token.
But when the access token is used to get the email address from Google + it is marked as unauthorised. As Google + was not an enabled API in the Google developer console.

I found this by calling
https://www.googleapis.com/plus/v1/people/me?access_token=<ACCESS_TOKEN> with the access token obtained through python social auth. As I would get the following error "Access Not Configured. Please use Google Developers Console to activate the API for your project."

Once I turned on the Google + API in the developer console everything worked perfectly.

@AndrewJHart, @kamikaze hope this helps.

[kamikaze]

I've always had G+ API enabled, actually everything worked until pyton-social-auth changed to new API (e352518)

but is there a fact that new API is supported by Google right now?

[Uznick]

Same problem here, it just does not work :(

[omab]

Google is deprecating the old scopes, dropping support starting from Sept 1, 2014, check the table at https://developers.google.com/+/api/auth-migration#timetable.

I wasn't aware that the new scopes requires the Google+ API to be enabled in the dashboard, I've already had it enabled.

I've added documents regarding the scopes deprecation and workaround for those looking to keep the old scopes at http://psa.matiasaguirre.net/docs/backends/google.html#scopes-deprecation

[Uznick]

I have enabled the Google+ API in the dashboard.

And I have the following settings in my Django settings.py:

GOOGLE_OAUTH2_CLIENT_ID = 'xxx.apps.googleusercontent.com'
GOOGLE_OAUTH2_CLIENT_SECRET = 'yyyyyy'
I have 'social.backends.google.GooglePlusAuth' in my AUTHENTICATION_BACKENDS
And I use {% url 'social:begin' 'google-plus' %} to login via Google+.

And when I follow the link I get:

Environment:


Request Method: GET
Request URL: http://localhost:8000/login/google-plus/?next=/registration/%3Ffrom%3Dgoogle

Django Version: 1.6.5
Python Version: 2.7.6
Installed Applications:
('django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'velobike.apps.main',
 'velobike.apps.content',
 'velobike.apps.core',
 'velobike.apps.configuration',
 'suit',
 'django.contrib.admin',
 'south',
 'social.apps.django_app.default',
 'linaro_django_pagination',
 'django_summernote',
 'solo',
 'modeltranslation',
 'mathfilters')
Installed Middleware:
('django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
 'linaro_django_pagination.middleware.PaginationMiddleware',
 'velobike.apps.core.middleware.VeloAuthMiddleware')


Traceback:
File "/Users/uznick/.virtualenvs/velobike-web/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
  112.                     response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/Users/uznick/.virtualenvs/velobike-web/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
  45.             return func(request, backend, *args, **kwargs)
File "/Users/uznick/.virtualenvs/velobike-web/lib/python2.7/site-packages/social/apps/django_app/views.py" in auth
  12.     return do_auth(request.social_strategy, redirect_name=REDIRECT_FIELD_NAME)
File "/Users/uznick/.virtualenvs/velobike-web/lib/python2.7/site-packages/social/actions.py" in do_auth
  25.     return strategy.start()
File "/Users/uznick/.virtualenvs/velobike-web/lib/python2.7/site-packages/social/strategies/base.py" in start
  66.             return self.redirect(self.backend.auth_url())
File "/Users/uznick/.virtualenvs/velobike-web/lib/python2.7/site-packages/social/backends/oauth.py" in auth_url
  291.         return self.AUTHORIZATION_URL + '?' + params

Exception Type: TypeError at /login/google-plus/
Exception Value: unsupported operand type(s) for +: 'NoneType' and 'str'

[kamikaze]

but I have Google+ API enabled already...

[pryankster]

@Uznick : I'm seeing the same issue. AUTHORIZATION_URL isn't being set in the GooglePlusAuth class -- none of its parent classes define it.

class BaseGoogleAuth(object): # backends/google.py[12]
class BaseGoogleOAuth2API(BaseGoogleAuth): # backends/google.py[42]
class GooglePlusAuth(BaseGoogleOAuth2API, BaseOAuth2):  # backends/google.py[74]

Maybe it should inherit BaseGoogleOAuth2 (which inherits BaseGoogleOAuth2API, or it should define the AUTHORIZATION_URL (and other) constants directly in the class? I haven't used the G+ API enough to know what the proper patch is.

[omab]

I've released v0.1.26 which fixes the scopes issue by restoring the previous values but the new values are used by default, in order to re-enable the old (deprecated) scopes you need set any of this settings:

SOCIAL_AUTH_GOOGLE_OAUTH2_USE_DEPRECATED_API = True
SOCIAL_AUTH_GOOGLE_PLUS_USE_DEPRECATED_API = True

Also added support for Goggle+ Sign In server-side flow.

[kamikaze]

Thanks

[shoooe]

I'm using v0.1.26 and I still get 403 (even with Google+ API enabled). In fact if I take the access_token from the debug backtrace and go to:

https://www.googleapis.com/plus/v1/people/me?access_token=<access_token>

I'm perfectly able to see the correct response.

It is to say that I'm testing without HTTPS enabled on my end; might that be the cause of this problem?

[jrasanen]

Hmm, what is the non-deprecated API then?

[shoooe]

My problem was that Google+ API was Off in the Developer Console at Google.

[naoko]

Thank you, After enable Google+ API i was able to solve this issue as well

[avibrazil]

Me too... I had to enable Google+ API even if not needed by my app.

[vahedq]

Are you guys still able to use this fine? I have it set up, and Google+ API is enabled, but am getting this error:

Traceback (most recent call last):
File "/storage/client/repo1/server/eagle/views.py", line 56, in register_by_access_token
user = backend.do_auth(access_token)
File "/usr/local/lib/python2.7/dist-packages/social/backends/oauth.py", line 383, in do_auth
data = self.user_data(access_token, _args, *_kwargs)
File "/usr/local/lib/python2.7/dist-packages/social/backends/google.py", line 74, in user_data
'alt': 'json'
File "/usr/local/lib/python2.7/dist-packages/social/backends/base.py", line 229, in get_json
return self.request(url, _args, *_kwargs).json()
File "/usr/local/lib/python2.7/dist-packages/social/backends/base.py", line 225, in request
response.raise_for_status()
File "/usr/lib/python2.7/dist-packages/requests/models.py", line 773, in raise_for_status
raise HTTPError(http_error_msg, response=self)
HTTPError: 403 Client Error: Forbidden

[divestrato]

I have the same problem as @vahedq as well. Any pointers will be much appreciated!

[omab]

Yesterday I've updated the Google+ Sign-In docs and fixed some issues in the backend, take a look to the docs here http://psa.matiasaguirre.net/docs/backends/google.html?_=123#google-sign-in it might help.

[morninj]

I had the same issue. I solved it by enabling the Google+ API from console.developers.google.com.

[sureshvv]

+1 to bettsmatt & morninj

[chandrunitk]

bettsmatt's solution did it for me!

[rajeeshrp]

I still struggling with the same problem as @vahedq Project created, Google+ API enabled. My UI (angularjs) is able to let user login by google and pass the access_token. When psa's backend.do_auth is invoked with token, 403 is raised. Testing is done localhost and an AWS client.

[naveen319]

Hi I am struggling with this issue,

TypeError at /social-auth/complete/google-oauth2/
unsupported operand type(s) for +: 'NoneType' and 'int'

I am getting this error even for Twitter and Facebook. Can any one please help me on this,

[lucasvazq]

For all those people that have the same issue, one alternative to solve it is to update the package. I have the problem in v1 and enabling Google+ doesn't solve it, but upgrading to v4 does.