Wednesday, 28 September 2022
  4 Replies
  657 Visits

We're users of the Delphi suite and try to connect to Google Services. The precompiled Demo works well. But when I use our installed components to implement Google calendar connectivity, I get this error message from Google in the web browser:
Error 400: invalid_scope
Some requested scopes were invalid. {invalid=[https%3A%2F%2F]}

All I did was add a TsgcHTTPGoogleCloud_Calendar_Client to a fresh form, entered the ClientId and ClientSecret

Reason: The TsgcHTTPOAuth_AuthorizationServer.GetScope method uses sgcPathencode() at the end. When I don't let that happen in teh debugger, authentication works fine.
My temporary "solution": I unsinstalled the Delphi package, rewrote the code in sgcHTTP_OAuth2_Client.pas for the method TsgcHTTPComponentClient_OAuth2.GetAuthorizationURL;

// commented out those lines
//vParams := vParams + '&' + CS_OAUTH2_SCOPE + '=' +
// AuthorizationServerOptions.GetScope;
vParams := vParams + '&' + CS_OAUTH2_STATE + '=' + OAuth2Options.State;

oURI := TIdURI.Create('');
result := AuthorizationServerOptions.AuthURL + '?' +
// new lines, scopeParams is a simple string
scopeParams := AuthorizationServerOptions.GetScope;
if scopeParams<>'' then
Result := Result + '&' + CS_OAUTH2_SCOPE + '=' + scopeParams;

and recompiled and installed the components again. That works. But is it the way it's supposed to be?

Sidenote: I compiled the shipped demo as well with my version of esegece components and it doesn't work either. So I must have missed an update, but our subscription period has just ended a few weeks ago.
1 year ago

It's a bug, there was a property to manage this, it was in AuthorizationServerOptions.EncodeScope, but seems I deleted by error in a previous version. I've included again this property to Encode or not the Scope if required (by default the value is true). Thanks for the feedback.

Kind Regards,
Thanks for your reply. I suppose, the property controlled whether GetScope uses sgcPathEncode or not.

Where did you set that property to false then? Because GetScope is used in various places all over sgcHTTP_OAuth2_Client (DoRefreshTokenRequest, DoAccessTokenRequest, and of course GetAuthorizationURL where it's not supposed to be encoded in the first place)
1 year ago

I've been digging a bit more in the source code and I found that this was already fixed some time ago. In previous versions there was a property EncodeScope used to encode or not the scope, but this was deleted and now the scope is encoded in the methods DoRefreshTokenRequest and DoAccessTokenRequest, but it's not encoded in GetAuthorizationURL. Sorry for misunderstanding.

I've tried the current OAuth2 client demo and the authorization works with the calendar events. You can try the latest compiled demos from:

Kind Regards,
  • Page :
  • 1
There are no replies made for this post yet.
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below.
Supported: gif,jpg,png,jpeg,zip,rar,pdf
· Insert · Remove
  Upload Files (Maximum 10MB)