Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication fails? #80

Closed
cboettig opened this issue Aug 4, 2014 · 16 comments
Closed

Authentication fails? #80

cboettig opened this issue Aug 4, 2014 · 16 comments

Comments

@cboettig
Copy link

cboettig commented Aug 4, 2014

No description provided.

@cboettig
Copy link
Author

cboettig commented Aug 4, 2014

Sorry I submitted that before entering text. Trying again.

I am following: https://github.com/tpitale/legato/wiki/OAuth2-and-Google

Everything goes well until I get to

access_token = client.auth_code.get_token(ENV['LEGATO_OAUTH_AUTH_CODE'], :redirect_uri => 'http://localhost')

where I get the error:

OAuth2::Error: invalid_grant: 
{
  "error" : "invalid_grant"
}

I confirm that ENV['LEGATO_OAUTH_AUTH_CODE'] contains the token I got from the browser by following the earlier steps. Not sure what I've done wrong or how best to troubleshoot this one. Any suggestions? (I'm coming from garb, which I haven't used in a few years, and all the authentication seems to be a bit different.) Thanks so much for your help!

@cboettig
Copy link
Author

cboettig commented Aug 4, 2014

p.s. I also tried first adding the email address provided by Google API web console to the Google Analytics approved users, but still get the same invalid_grant error when trying to run client.auth_code.get_token

@tpitale
Copy link
Owner

tpitale commented Aug 4, 2014

Did you do the steps above the code where you get the url with the code in it from google and set the LEGATO_OAUTH_AUTH_CODE env variable? To check, try puts ENV['LEGATO_OAUTH_AUTH_CODE'].

@cboettig
Copy link
Author

cboettig commented Aug 4, 2014

Yup, tried that. puts indeed does return the variable I copied. (I noted that after the ?code= the first two characters were 4/, and I thought a / was a strange thing to have in a key so I tried it without those two characters as well, but still no go -- invalid_grant error.

@tpitale
Copy link
Owner

tpitale commented Aug 4, 2014

The only other thing I can think of offhand is that your oauth client id/secret is not set properly for analytics.readonly scope?

@tpitale
Copy link
Owner

tpitale commented Aug 4, 2014

The code is only a single use code to get you the token. And the token itself expires after as little as 30 minutes.

@tpitale
Copy link
Owner

tpitale commented Aug 4, 2014

You can try using the legato cli tool. It will walk through the steps of asking for your client, secret, and then will open the authorize url, and wait for you to paste the code.

@tpitale
Copy link
Owner

tpitale commented Aug 4, 2014

https://github.com/tpitale/legato/wiki/Legato-and-IRB

@cboettig
Copy link
Author

cboettig commented Aug 4, 2014

Very strange. The command line tool works fine for me. I get a token, I
can store it in yaml, I can use the token to execute all the steps for the
case when you already have a token, shown here:
https://github.com/tpitale/legato/wiki/OAuth2-and-Google#final-code-in-your-application

However, using that LEGATO_OAUTH_AUTH_CODE with the example code for
authenticating in a program still doesn't work for me, same error as
before. No idea what's wrong.

On Mon, Aug 4, 2014 at 1:29 PM, Tony Pitale notifications@github.com
wrote:

https://github.com/tpitale/legato/wiki/Legato-and-IRB


Reply to this email directly or view it on GitHub
#80 (comment).

Carl Boettiger
UC Santa Cruz
http://carlboettiger.info/

@tpitale
Copy link
Owner

tpitale commented Aug 4, 2014

My guess is there is a typo somewhere. Maybe in your code, maybe in the wiki, maybe in the way your ENV variables are being set.

@tpitale tpitale closed this as completed Aug 4, 2014
@osnysantos
Copy link

I'm facing this same problem, exactly as @cboettig said. Every time I have to get a new token so I continue testing.

@tpitale
Copy link
Owner

tpitale commented Nov 11, 2015

I'm able to run the wiki code. Do you have the correct settings in google to enable analytics access for your oauth info?

@tpitale
Copy link
Owner

tpitale commented Nov 11, 2015

screen shot 2015-11-11 at 10 23 48 am

@osnysantos
Copy link

I think so because I can see my GA data, but just at first request, refreshing the page I get this error:

OAuth2::Error (invalid_grant: Code was already redeemed.
  {
    "error" : "invalid_grant",
    "error_description" : "Code was already redeemed."
  }):

My code is exactly as wiki. For every request I have to hit the address on browser to copy the new auth code.

image

@tpitale
Copy link
Owner

tpitale commented Nov 11, 2015

That code is a single use. You get an access token with it. That access token may be used for 30 minutes before needing refreshing.

I would advise reading up on how to use OAuth 2. This is not a Legato issue. The wiki is only a short primer.

@tpitale
Copy link
Owner

tpitale commented Nov 11, 2015

I've updated the wiki: https://github.com/tpitale/legato/wiki/OAuth2-and-Google To add more caveats about how this is not a definitive guide to OAuth 2, and how you need to understand how that process works before using any tool that works with Google (or any of the many other services that auth using OAuth 2).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tpitale @cboettig @osnysantos