calcurse icon indicating copy to clipboard operation
calcurse copied to clipboard

Published 20 hours ago verified publisher icon lfos

403 Forbidden when submitting authcode for google calendar

Open solomon-b opened this issue 5 years ago • 14 comments

I was able to get the auth code successfully, however i have not been able to use it to authorize syncronization:

~ λ calcurse-caldav --init keep-remote --authcode '<auth_code_here>'
/usr/bin/calcurse-caldav:563: DeprecationWarning: This method will be removed in future versions.  Use 'parser.read_file()' instead.
  config.readfp(open(configfn))
Connecting to apidata.googleusercontent.com...
Removing all local calcurse objects...
error: The server at apidata.googleusercontent.com replied with HTTP status code
error: 403 (Forbidden) while trying to access https://apidata.googleusercontent.
error: com/caldav/v2/[email protected]/events/.

I'm using calcurse 4.4.0 on archlinux.

solomon-b avatar Mar 14 '19 00:03 solomon-b

I have the same issue on macOS Mojave and am not quite sure how to diagnose it.

shibacomputer avatar Mar 27 '19 23:03 shibacomputer

Did you try to use debug mode?

lfos avatar Apr 11 '19 04:04 lfos

Also, is this possibilty a duplicate of #147?

lfos avatar Apr 11 '19 04:04 lfos

@lfos thanks for the reply! I don't believe this is a duplicate of #147 as this happens at --init and not during a sync.

Here's what happens after running calcurse-caldav with a debug flag:

$ calcurse-caldav --debug --init keep-remote
/usr/local/bin/calcurse-caldav:563: DeprecationWarning: This method will be removed in future versions.  Use 'parser.read_file()' instead.
  config.readfp(open(configfn))
warning: Dry run; nothing is imported/exported. Add "DryRun = No" to the
warning: [General] section in the configuration file to enable synchronization.
Running command: ['calcurse', '--version']
> REPORT https://apidata.googleusercontent.com/caldav/v2/[email protected]/events/
> Headers: {'Content-Type': 'application/xml; charset=utf-8', 'Depth': '1'}
> <?xml version="1.0" encoding="utf-8" ?><C:calendar-query xmlns:D="DAV:"                   xmlns:C="urn:ietf:params:xml:ns:caldav"><D:prop><D:getetag /></D:prop><C:filter><C:comp-filter name="VCALENDAR" /></C:filter></C:calendar-query>

< Status: 403 (Forbidden)
< Headers: {'vary': 'Origin, X-Origin', 'content-type': 'text/xml; charset=UTF-8', 'date': 'Mon, 15 Apr 2019 13:54:37 GMT', 'expires': 'Mon, 15 Apr 2019 13:54:37 GMT', 'cache-control': 'private, max-age=0', 'x-content-type-options': 'nosniff', 'x-frame-options': 'SAMEORIGIN', 'x-xss-protection': '1; mode=block', 'server': 'GSE', 'alt-svc': 'quic=":443"; ma=2592000; v="46,44,43,39"', 'transfer-encoding': 'chunked', 'status': '403', 'content-length': '65', '-content-encoding': 'gzip'}
< <?xml version="1.0" encoding="UTF-8"?>
< <D:error xmlns:D="DAV:"/>

error: The server at apidata.googleusercontent.com replied with HTTP status code
error: 403 (Forbidden) while trying to access https://apidata.googleusercontent.
error: com/caldav/v2/[email protected]/events/.

shibacomputer avatar Apr 15 '19 13:04 shibacomputer

same problem, same errors / debug messages, on Ubuntu Studio 16.04, calcurse 4.4.0

madamdata avatar May 21 '19 15:05 madamdata

Strange. Are you sure you are using the proper auth code?

I am currently not syncing with Google calendar myself, so I cannot help much with this.

@watersalesman, do you have any ideas?

lfos avatar May 21 '19 15:05 lfos

it's been awhile since I synced from scratch. I did just that and things worked fine minus one quirk.

I noticed that when receiving your auth code, the redirect URI now returns the scope as well as the auth code. Example: http://127.0.0.1/?code=4/UgErD_iBJSSKblahblah6Gj4gknqVrNIsbjegDxhsnChw_T-4HR9PblahblBlSipuO1P5s&scope=https://www.googleapis.com/auth/calendar

You need to make sure to copy only the auth code - so anything after &code= but before &scope=blahblahblah. Including the scope portion of the returned URI would result in an invalid auth code and authorization error. Hopefully, this helps.

Documentation will need to be updated to account for the additional text being returned in the URI.

watersalesman avatar May 22 '19 03:05 watersalesman

Thanks for adding that.

@ssbothwell, @shibacomputer, @madamdata: can you confirm that this was the problem? Or does the problem persist even after using only the auth code without the scope parameter?

lfos avatar May 22 '19 06:05 lfos

The problem is not granting the CalDAV API to the project. Do that, and it starts working. (Figured this out myself today)

trudheim avatar Jun 06 '19 13:06 trudheim

@watersalesman Should we add that in a "Troubleshooting" section in the calcurse-caldav README?

lfos avatar Jun 06 '19 13:06 lfos

Sure, it would definitely be beneficial to start collecting common issues under the calcurse-caldav README

watersalesman avatar Jun 11 '19 01:06 watersalesman

Is there any workaround on this topic. I stuck at the same point as 403 forbidden.

eorus avatar Oct 03 '20 09:10 eorus

The solutions have been described in the discussion above and documented at https://github.com/lfos/calcurse/pull/222/commits/d3828181cd1532d163519502bba3cfd895dfdc32. If neither of them work for you, please file a new ticket. Thanks!

lfos avatar Oct 03 '20 13:10 lfos

Yes, I proceeded by reading this discussion and document. It was even an installation I did before (last year). While applying for the new system, I see that the parts in the document are no longer included in the Google developer console. For example, we can no longer select "other" in the credentials section. If selected a desktop app then it needs verification.

eorus avatar Oct 04 '20 11:10 eorus