watchmen icon indicating copy to clipboard operation
watchmen copied to clipboard
verified publisher icon iloire

Which OAuth Credentials in Google?

Open jwulf opened this issue 8 years ago • 4 comments

The docs say:

You will also need to set the Google client ID and secret using env variables accordingly. (Login into https://console.developers.google.com/ to create them first)

Can you give some more details on this? On Google there are several types of OAuth credentials (web browser / web server || access your data / access users' data) and a bunch of different parameters (origin URL || redirect URL).

I read in another issue that you need to enable the Google+ API, so I did that; then generated a couple of different credentials for OAuth. They all result in an error.

jwulf avatar Jan 05 '17 15:01 jwulf

When I step through their wizard and say that I'm looking for credentials to allow a web browser || web server access a user's data via the Google+ API, it tells me that I have credentials already for both of those scenarios.

When I use either of those credentials with watchmen, Google gives me a 401 error, with the client key on the screen, like this:

401. That’s an error.

Error: invalid_client

The OAuth client was not found.

Request Details
response_type=code
redirect_uri=http://watcher.magikcraft.io/auth/google/callback
scope=https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
client_id='672769544416-45vu7vkkqtqbpv1p1ompcfjrt9smgmpv.apps.googleusercontent.com'
That’s all we know.

jwulf avatar Jan 05 '17 15:01 jwulf

Same problem here, @jwulf have you found a solution?

rinderschwein avatar Jun 21 '17 09:06 rinderschwein

Here's a rough guide based on what I did to get it working:

  • Go to Google's API Console: https://console.developers.google.com
  • Create a new Project if you need to, or select an existing one
  • Go to the Dashboard option in the left menu
  • Select the Enable API option and enable the Google+ API
  • Go to the Credentials option in the left menu
  • Hit the Create Credentials button and select the OAuth client ID option
  • You should be prompted to configure the Consent Screen - just requires an email address and project name to work
  • Then configure the app. I was running it as a web service so picked Web Application
  • I'm running it locally for now so under the restrictions I added http://localhost:3000 as the origin URI and http://localhost:3000/auth/google/callback as the redirect URI

That should get you the Client ID and the Client Secret to put in the config files. I also added a Google Analytics ID to the config files, which you can get from a Google Analytics account

DigitalSquid avatar Jul 05 '17 20:07 DigitalSquid

Couple of thoughts:

  1. For me it was necessary to remove all quotes in env file, so it will be just: WATCHMEN_BASE_URL=http://localhost:3000 WATCHMEN_WEB_PORT=3000 ... as well as Google keys. Otherwise this quotes remains in auth query and it will fail.

  2. There are deprecated options scope: 'https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile' it needs to be replaced with scope: 'email profile' in webserver/routes/web-auth-route.js

  3. You need to enable Google + API in your console otherwise auth will fail (as 0f 2017)

dnx2k avatar Jul 19 '17 11:07 dnx2k