eSeGeCe
software
Hi!
We're users of the Delphi suite and try to connect to Google Services. The precompiled Demo works well. But when I use our installed components to implement Google calendar connectivity, I get this error message from Google in the web browser:
Error 400: invalid_scope
Some requested scopes were invalid. {invalid=[https%3A%2F%2Fhttp://www.googleapis.com%2Fauth%2Fcalendar%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.events]}
All I did was add a TsgcHTTPGoogleCloud_Calendar_Client to a fresh form, entered the ClientId and ClientSecret
Reason: The TsgcHTTPOAuth_AuthorizationServer.GetScope method uses sgcPathencode() at the end. When I don't let that happen in teh debugger, authentication works fine.
We're users of the Delphi suite and try to connect to Google Services. The precompiled Demo works well. But when I use our installed components to implement Google calendar connectivity, I get this error message from Google in the web browser:
Error 400: invalid_scope
Some requested scopes were invalid. {invalid=[https%3A%2F%2Fhttp://www.googleapis.com%2Fauth%2Fcalendar%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar.events]}
All I did was add a TsgcHTTPGoogleCloud_Calendar_Client to a fresh form, entered the ClientId and ClientSecret
Reason: The TsgcHTTPOAuth_AuthorizationServer.GetScope method uses sgcPathencode() at the end. When I don't let that happen in teh debugger, authentication works fine.
My temporary "solution": I unsinstalled the Delphi package, rewrote the code in sgcHTTP_OAuth2_Client.pas for the method TsgcHTTPComponentClient_OAuth2.GetAuthorizationURL;
and recompiled and installed the components again. That works. But is it the way it's supposed to be?
Sidenote: I compiled the shipped demo as well with my version of esegece components and it doesn't work either. So I must have missed an update, but our subscription period has just ended a few weeks ago.
// commented out those lines
//vParams := vParams + '&' + CS_OAUTH2_SCOPE + '=' +
// AuthorizationServerOptions.GetScope;
vParams := vParams + '&' + CS_OAUTH2_STATE + '=' + OAuth2Options.State;
oURI := TIdURI.Create('');
Try
result := AuthorizationServerOptions.AuthURL + '?' +
oURI.ParamsEncode(vParams);
Finally
sgcFree(oURI);
End;
// new lines, scopeParams is a simple string
scopeParams := AuthorizationServerOptions.GetScope;
if scopeParams<>'' then
begin
Result := Result + '&' + CS_OAUTH2_SCOPE + '=' + scopeParams;
end;
and recompiled and installed the components again. That works. But is it the way it's supposed to be?
Sidenote: I compiled the shipped demo as well with my version of esegece components and it doesn't work either. So I must have missed an update, but our subscription period has just ended a few weeks ago.
Hi,
It's a bug, there was a property to manage this, it was in AuthorizationServerOptions.EncodeScope, but seems I deleted by error in a previous version. I've included again this property to Encode or not the Scope if required (by default the value is true). Thanks for the feedback.
Kind Regards,
Sergio
It's a bug, there was a property to manage this, it was in AuthorizationServerOptions.EncodeScope, but seems I deleted by error in a previous version. I've included again this property to Encode or not the Scope if required (by default the value is true). Thanks for the feedback.
Kind Regards,
Sergio
Thanks for your reply. I suppose, the property controlled whether GetScope uses sgcPathEncode or not.
Where did you set that property to false then? Because GetScope is used in various places all over sgcHTTP_OAuth2_Client (DoRefreshTokenRequest, DoAccessTokenRequest, and of course GetAuthorizationURL where it's not supposed to be encoded in the first place)
Where did you set that property to false then? Because GetScope is used in various places all over sgcHTTP_OAuth2_Client (DoRefreshTokenRequest, DoAccessTokenRequest, and of course GetAuthorizationURL where it's not supposed to be encoded in the first place)
Hello,
I've been digging a bit more in the source code and I found that this was already fixed some time ago. In previous versions there was a property EncodeScope used to encode or not the scope, but this was deleted and now the scope is encoded in the methods DoRefreshTokenRequest and DoAccessTokenRequest, but it's not encoded in GetAuthorizationURL. Sorry for misunderstanding.
I've tried the current OAuth2 client demo and the authorization works with the calendar events. You can try the latest compiled demos from:
https://www.esegece.com/download/sgcWebSockets_bin.zip
Kind Regards,
Sergio
I've been digging a bit more in the source code and I found that this was already fixed some time ago. In previous versions there was a property EncodeScope used to encode or not the scope, but this was deleted and now the scope is encoded in the methods DoRefreshTokenRequest and DoAccessTokenRequest, but it's not encoded in GetAuthorizationURL. Sorry for misunderstanding.
I've tried the current OAuth2 client demo and the authorization works with the calendar events. You can try the latest compiled demos from:
https://www.esegece.com/download/sgcWebSockets_bin.zip
Kind Regards,
Sergio
- Page :
- 1
There are no replies made for this post yet.