oauth_service_token Not working with scope as list/vector of urls, only as space delimited string

[thomascjohnson]

Distinct possibility that I'm doing something completely wrong, but I can't seem to get this function to work. I believe in the past I have coded out the http request myself to get it to function. Here is some example code:

httr::oauth_service_token(httr::oauth_endpoints("google"),
                          jsonlite::fromJSON("mycredentials.json"),
                          c("https://www.googleapis.com/auth/drive",         
                            "https://www.googleapis.com/auth/drive.metadata"))

And from this I get:

Error in init_oauth_service_account(self$endpoint, self$secrets, self$params$scope) : 
  client error: (400) Bad Request

However, this works:

httr::oauth_service_token(httr::oauth_endpoints("google"),
                          jsonlite::fromJSON("mycredentials.json"),
                          "https://www.googleapis.com/auth/drive")

and so does this:

httr::oauth_service_token(httr::oauth_endpoints("google"),
                          jsonlite::fromJSON("mycredentials.json"),
                          paste(c("https://www.googleapis.com/auth/drive",         
                                  "https://www.googleapis.com/auth/drive.metadata"),
                                collapse = " "))

It looks like it all comes down to needing to supply the scopes as a space delimited string (just like the Google API wants – keep in mind it may be different for different APIs). I am putting this here for posterity so should anyone else run into the problem, they have a solution. I will try to find the problem in the package itself and send a pull request – that is, if this isn't a planned "feature" in the first place.

[MarkEdmondson1234]

I ran into this, but then I can't get a request running afterwards. Do you have working example?

If I modify the oauth2.0 example to use the JSON I have:

library(httr)

 # 1. Find OAuth settings for google:
#    https://developers.google.com/accounts/docs/OAuth2InstalledApp
 oauth_endpoints("google")
<oauth_endpoint>
 authorize: https://accounts.google.com/o/oauth2/auth
 access:    https://accounts.google.com/o/oauth2/token
 validate:  https://www.googleapis.com/oauth2/v1/tokeninfo
 revoke:    https://accounts.google.com/o/oauth2/revoke

#2. Don't need an app

 # 3. Get OAuth credentials
 json_file <- jsonlite::fromJSON("bigQueryR-4494268a1398.json")
google_token <- oauth_service_token(oauth_endpoints("google"), json_file,
                                scope = "https://www.googleapis.com/auth/userinfo.profile")

 # 4. Use API
 req <- GET("https://www.googleapis.com/oauth2/v1/userinfo",
            config(token = google_token))

Error: is.request(y) is not TRUE

[thomascjohnson]

Mark, as a further issue with this, I had to manually create the request. I
can't remember how I did it exactly, but it can be done.
On Fri, Oct 16, 2015 at 1:32 PM Mark notifications@github.com wrote:

I ran into this, but then I can't get a request running afterwards. Do you
have working example?

If I modify the oauth2.0 example to use the JSON I have:

library(httr)

1. Find OAuth settings for google:

https://developers.google.com/accounts/docs/OAuth2InstalledApp

oauth_endpoints("google")
<oauth_endpoint>
authorize: https://accounts.google.com/o/oauth2/auth
access: https://accounts.google.com/o/oauth2/token
validate: https://www.googleapis.com/oauth2/v1/tokeninfo
revoke: https://accounts.google.com/o/oauth2/revoke

3. Get OAuth credentials

json_file <- jsonlite::fromJSON("bigQueryR-4494268a1398.json")
google_token <- oauth_service_token(oauth_endpoints("google"), json_file,
scope = "https://www.googleapis.com/auth/userinfo.profile")

4. Use API

req <- GET("https://www.googleapis.com/oauth2/v1/userinfo",
config(token = google_token))

Error: is.request(y) is not TRUE

—
Reply to this email directly or view it on GitHub
#282 (comment).

[MarkEdmondson1234]

Thanks, I just read this similar issue which suggests putting the token in the request parameters, sounds like what you are saying too :)

[makanig]

FYI - this is what I ended up doing, kind of a hack..I had to change the function to get around the two issues I filed.

, library(httr)
  library(jsonlite)

  keyFile <- "TwitterAPI-App-51ca9b46ce60.json"
  endpoint <- oauth_endpoint(authorize= "https://www.googleapis.com/oauth2/v3/token", 
                             access = "https://www.googleapis.com/oauth2/v3/token", 
                             base_url = "https://www.googleapis.com")
  # endpoint <- oauth_endpoints("google") # this is for accounts.google.com, I need GCP access

  secrets <- jsonlite::fromJSON(keyFile)
  scope <- "https://www.googleapis.com/auth/devstorage.read_write"

  googleToken <- my_oauth_service_token(endpoint, secrets, scope)

  surl <- "https://www.googleapis.com/storage/v1/b?project=rock-module-102802"

  req <- GET(surl,query = list(access_token = googleToken$credentials$access_token), verbose())

[hadley]

@craigcitro @siddharthab any idea where scopes are always space separated?

[siddharthab]

I suppose it is a quirk. Did not have to be that way but it is.

From https://developers.google.com/identity/protocols/OAuth2ServiceAccount > Preparing to make an authorized API call > HTTP/REST

scope A space-delimited list of the permissions that the application requests.