Kong/mashape-oauth

Incorrect callback URL with oAuth 1.0a / Google

Closed this issue · 2 comments

Hi there,

I'm trying to use oAuth 1.0a with Google to retrieve stuff (I can't use 2.0 for this use case).
I'm struggling at the authorization step because Google doesn't redirect my URL correctly and I was wondering what I am doing wrong. I thought you might help me or notice if it is a bug on mashape-oauth side.

Here is my code: https://github.com/jsilvestre/cozy-data-integrator/blob/master/server/controllers/integrator.coffee#L28-L49

Here is the result + chrome debugger information: http://d.pr/i/eQtK
The weird part is that Google redirects to /b/0/ instead of the callback itself.
Using http://googlecodesamples.com/oauth_playground/index.php gives me a correct result though.

Notice that I still have the same result even if I use a different callback URL.

Thank you in advance if you can help me!

Just tested this, and it works for me, maybe it's due to your encoding of the url and google doesn't like that:

app.get('/oauth', function (req, res) {
  var oauth = new moth.OAuth({
    requestUrl: "https://www.google.com/accounts/OAuthGetRequestToken?scope=https%3A%2F%2Fwww.google.com%2Fcalendar%2Ffeeds%2F+https%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds%2F+https%3A%2F%2Fpicasaweb.google.com%2Fdata%2F",
    accessUrl: "https://www.google.com/accounts/OAuthGetAccessToken",
    callback: "http://localhost/oauth/callback",
    consumerKey: "anonymous",
    consumerSecret: "anonymous",
    version: "1.0",
    signatureMethod: "HMAC-SHA1"
  });

  oauth.getOAuthRequestToken(function (error, token, secret, results) {
    if (error) {
      res.error(500, error);
    } else {
      host = "https://www.google.com/";
      url = "accounts/OAuthAuthorizeToken";
      params = "?oauth_token=" + token + "&hl=fr";
      res.redirect(host + url + params);
    }
  });
});

app.get('/oauth/callback', function (req, res) {
  console.log(req.params, req.body);
});

Forgot to add the port so it didn't go to express but it does work:
Proof of Concept

It's working!
Thank you very much, I have no idea why I encoded the callback URL.