dannyshmueli / gtm-oauth2 Goto Github PK

What steps will reproduce the problem?

Do OAuth2 with Dropbox Core API using gtm-oauth2

What is the expected output? What do you see instead?

Expect: get access token back
Actual: get nil for the access token

What version of the product are you using? On what operating system?

latest

Please provide any additional information below.

GTMOAuth2Authentication.m in 

- (void)tokenFetcher:(GTMOAuth2Fetcher *)fetcher
    finishedWithData:(NSData *)data
               error:(NSError *)error {

determines if the response is JSON when a response's Content-Type is 
"application/json"

some services, like dropbox, are returning JSON and setting Content-Type to 
"text/javascript".  When that happens gtm-oauth doesn't parse the response 
properly, succeeding but not passing the access token along.

The dart team ran into the same snag and fixed their stuff: 
https://code.google.com/p/dart/issues/detail?id=17067

Hi there! I have a problem with my cobook application for Mac Os X. I am not 
sure if this is the right place to ask a question like this, because I am not a 
programmer. I did not find any other source for addressing this problem though. 
Maybe someone can help?


What steps will reproduce the problem?
>> Syncing contacts with Cobook Application and Google Account

What is the expected output? What do you see instead?
>> Isee an exclamation mark and the message: "Google: The operation couldn't be 
completed. (com.google.GTMOAuth2 error -1001.)"

What version of the product are you using? On what operating system?
Mac Os X 10.9.2
Cobook 3.0.4 (3113)

What is that error? What does it mean?


Thanks for your help!


aeiou

What steps will reproduce the problem?
1. Using Paypal endpoint (sandbox was tested)
2. Login with sandbox credentials
3. method updateExpirationDate throws exception on 
   unsigned long deltaSeconds = [expiresIn unsignedLongValue]; 
-[__NSCFString unsignedLongValue]: unrecognized selector sent to instance 
0x76db300

expiresIn is a NSString because it was sent as quoted string in the JSON 
response from server

What is the expected output? What do you see instead?
exception thrown on completion

What version of the product are you using? On what operating system?
iOS 6 - new application

Please provide any additional information below.

Properties are assigned to GTMOAuth2Authentication properties blindly from  
JSON parsed data, so some implementations may return NSString in token response.

In my case here is the Paypal (truncated) response to 
https://api.sandbox.paypal.com/v1/identity/openidconnect/tokenservice

{
    "token_type": "Bearer",
    "expires_in": "28800",
    "refresh_token": "XXXXX",
    "id_token": "YYYYYY",
    "access_token": "ZZZZZZ"
}

Would suggest changing implementation of expiresIn to:

- (NSNumber *)expiresIn {
    id value = [self.parameters objectForKey:kOAuth2ExpiresInKey];

    if ([value isKindOfClass:[NSString class]]) {
        value = [NSNumber numberWithInteger:[value integerValue]];
    }
    return value;
}

What steps will reproduce the problem?
1. Create a Google Endpoint that takes a POJO parameter
2. Generate the client proxies for Objective-C using the provided tool
3. Call the service method by creating the Api parameter object generated and 
calling the service method
4. The object properties will be NULL at the server for the incoming POJO

What is the expected output? What do you see instead?

Expect the values put into the Obj-C client proxy version of the POJO.

The Google Endpoint project has 3 clients: Android, Javascript (Web) and iOS.  
By comparing the body POST data of the working client calls with those of the 
iOS/gtm client, I was able to find the issue.

The JSON being sent to the API for the POJO parameter differs in that it is 
nested below a top level object "resource:"... aka. kBodyObjectParamKey

So what works for the param:
{
    someProp:"some value";
}
is sent as
{
    resource: {
          someProp:"some value";
    }
}
and the server side POJO has null values.

What version of the product are you using? On what operating system?
2.x on Mac.  Should not be a factor.

Please provide any additional information below.
I was able to isolate the issue and modify the code in GTLService so that it 
would place the JSON body under the "params" directly, without the nesting 
below "resource:", and no surprise, it started working just like the other 
clients.  There may be something going on deeper that I am missing, or an 
option I missed, but I don't see it in the code so far.  Going to do more 
testing, but any insight would be helpful.

What steps will reproduce the problem?
1. [in code] Create a new GTMOAuth2ViewControllerTouch instance and push it 
onto the navigation stack.
2. Build and run the app and cause the GTMOAuth2ViewControllerTouch controller 
to be presented.
3. Use the iOS 7 navigation stack pop gesture, but tap and drag from the left 
edge of the screen instead of doing a quick tap and swipe. Don't allow the pop 
to complete by dragging part-way across the screen then back so that the pop 
operation is effectively started and canceled.

What is the expected output? What do you see instead?

The problem is that -viewWillDisappear: is implemented instead of 
-viewDidDisappear:, so as the pop gesture is started, -viewWillDisappear: is 
called and does a state cleanup. When you cancel the pop by dragging back then 
the controller is still active but it's in an inconsistent state. By just 
renaming -viewWillDisappear: to -viewDidDisappear: (both the controller's 
method and its call to super), then the cleanup only happens when the pop has 
actually completed.

This is not something that you would notice if you tapped on the Back button 
since the pop operation always runs to completion.

What version of the product are you using? On what operating system?

This is being built against the iOS 7 SDK and is in the current source as of 
today.

Please provide any additional information below.

What steps will reproduce the problem?
--
After entering your username & password, Google gives you the standard "Blah 
blah app is requesting permission to..." screen. If you hit the "Allow access" 
button before that page has enough time to load all of its JS assets, you will 
invariably get the following error:

"You've reached this page because we have detected that Javascript is disabled 
in your browser. The page you attempted to load cannot display properly if 
scripts are disabled."
(This screen is black & white and has no Google branding on it.)

You can time this event by hitting "Allow access" before the application's icon 
(just above the button) loads. If you wait until the icon loads (that is, 
presumably, when the JS files loads), you won't get this error message and 
everything will work just fine.


What is the expected output? What do you see instead?
--
User should not have to wait for JS files to load before completing auth. 


What version of the product are you using? On what operating system?
--
svn commit #96 via gdata-objective-client on both iOS 5.1 and IOS 6. I've seen 
it with apps currently available in the App Store (Asana, for example) as well 
as on the simulator (Xcode 4.5.1 on Mountain Lion).

Please provide any additional information below.
-- 
It's probably not something in the gtm-oauth2 library so much as it is the web 
backend where gtm-oauth points to, but I wasn't sure where else to report it. 
If someone points me in the right direction I can re-post this issue.

GTMOAuth2Authentication has properties called scope and refreshScope.  Inside 
makeTokenFetchRequest on line 778 (of 
http://gtm-oauth2.googlecode.com/svn/trunk r121), the refreshScope property is 
used to set the "scope" URL parameter.  It is then potentially overwritten by 
the value of the scope property on line 794, which sets exactly the same URL 
parameter.

As far as I can see, either refreshScope was intended to set a URL parameter 
called refreshScope instead of scope (in which case it is broken right now) or 
it's a bit of old code that has been superseded and is no longer useful (since 
callers can always use scope instead).

The refreshScope property is declared in a section commented "OAuth2 standard 
protocol parameters" but I can't find a refreshScope or refresh_scope parameter 
in RFC 6749 or https://developers.google.com/accounts/docs/OAuth2WebServer, so 
I don't know what standard this is referring to, if any.

Hi all google developer,

I am using OAUTH 2.0 which you provide in your page here 
:"http://code.google.com/p/gtm-oauth2/wiki/Introduction".

I successfully integrate in my IOS 5.0 application and authenticate the user 
and also allow the user to upload the video on their YouTube account but after 
three or four day, GDATA API was not work properly as they have not 
authenticate the user most of the time and after entering 5 to 6 time email and 
password in GTMOAuth2ViewControllerTouch controller worked some of time.

Here i am attaching the error report which i produced every time when login to 
YouTube.

Please provide the solution as i launch my application in next 2 or 3 days.

What steps will reproduce the problem?
1. After succesful autentication using self.auth = 
[GTMOAuth2ViewControllerTouch authForGoogleFromKeychainForName:GOOGLE_KEYCHAIN
                                                          clientID:GOOGLE_CLIENT_ID
                                                      clientSecret:GOOGLE_CLIENT_SECRET];
2.
3.

What is the expected output? What do you see instead?
I need the gmail email string '[email protected]' but I get 
[email protected]


What version of the product are you using? On what operating system?
Last version


Please provide any additional information below.

What steps will reproduce the problem?
1. Opening the app the printers are all listed on the left side.  But I'm 
unable to choose which printer to use.
2. Signing in and out of the app doesn't make a difference.  Even trying a 
different user doesn't fix or solve the issue either.
3. Deleting the app and reinstalling it, sometimes I'm able to select the 
printer I want to use again.  But upon selecting "Printer Setting", printers go 
un-clickable again and stay's that way.


What is the expected output? What do you see instead?  As long as the printer I 
want is selected at first open it prints fine.  I cannot select a different 
printer or see the settings of any printer.


What version of the product are you using? On what operating system?  App V. 
1.8.2  -  OSX 10.8.3


Please provide any additional information below.  I've tried everything I can 
think of.  It seems intermittent on when the printers are selectable or not.  
It's very inconsistent.

ok

In GTMOAuth2SignIn.m, the -[GTMOAuth2SignIn parametersForWebRequest] method may 
return "NO" if both hasClientID and hasRedirect are both "NO".

> - (NSMutableDictionary *)parametersForWebRequest {
>   GTMOAuth2Authentication *auth = self.authentication;
>   NSString *clientID = auth.clientID;
>   NSString *redirectURI = auth.redirectURI;
> 
>   BOOL hasClientID = ([clientID length] > 0);
>   BOOL hasRedirect = ([redirectURI length] > 0
>                       || redirectURI == [[self class] 
nativeClientRedirectURI]);
>   if (!hasClientID || !hasRedirect) {
> #if DEBUG
>     NSAssert(hasClientID, @"GTMOAuth2SignIn: clientID needed");
>     NSAssert(hasRedirect, @"GTMOAuth2SignIn: redirectURI needed");
> #endif
>     return NO;
>   }

Here, the "return NO;" should either be "return nil;" or "return 
[NSMutableDictionary dictionaryWithObjectsAndKeys:nil];".

What steps will reproduce the problem?
1. push GTMOAuth2ViewControllerTouch
2. pop GTMOAuth2ViewControllerTouch while web view is still loading

Quick fix:
Add this in -dealloc

    if (webView_.loading) {
        [self notifyWithName:kGTMOAuth2WebViewStoppedLoading
                     webView:webView_
                        kind:nil];
    }

/* Copyright (c) 2011 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#if GTM_INCLUDE_OAUTH2 || !GDATA_REQUIRE_SERVICE_INCLUDES

// This class implements the OAuth 2 protocol for authorizing requests.
// http://tools.ietf.org/html/draft-ietf-oauth-v2

#import <Foundation/Foundation.h>

#if GTM_USE_SESSION_FETCHER
  #import "GTMSessionFetcher.h"
#else
  #import "GTMHTTPFetcher.h"
#endif  // GTM_USE_SESSION_FETCHER

#define GTMOAuth2Fetcher GTMBridgeFetcher
#define GTMOAuth2FetcherService GTMBridgeFetcherService
#define GTMOAuth2FetcherServiceProtocol GTMBridgeFetcherServiceProtocol
#define GTMOAuth2AssertValidSelector GTMBridgeAssertValidSelector
#define GTMOAuth2CookieStorage GTMBridgeCookieStorage
#define kGTMOAuth2FetcherStatusDomain kGTMBridgeFetcherStatusDomain
#define kGTMOAuth2StatusBadRequest kGTMBridgeFetcherStatusBadRequest


// Until all OAuth 2 providers are up to the same spec, we'll provide a crude
// way here to override the "Bearer" string in the Authorization header
#ifndef GTM_OAUTH2_BEARER
#define GTM_OAUTH2_BEARER "Bearer"
#endif

#ifdef __cplusplus
extern "C" {
#endif

// Service provider name allows stored authorization to be associated with
// the authorizing service
extern NSString *const kGTMOAuth2ServiceProviderGoogle;

//
// GTMOAuth2SignIn constants, included here for use by clients
//
extern NSString *const kGTMOAuth2ErrorDomain;

// Error userInfo keys
extern NSString *const kGTMOAuth2ErrorMessageKey;
extern NSString *const kGTMOAuth2ErrorRequestKey;
extern NSString *

typo: firsStr -> firstStr

I've been using these classes for weeks now with no problems but a few days ago 
it suddenly stopped working without me touching anything. I suspect Google 
changed something with their API but I can't work out what.

My Google Reader client appears to successfully authenticate and no errors are 
returned, yet when I ask it for the number of subscriptions with the URL 
https://www.google.com/reader/api/0/subscription/list?output=json it returns:

{"subscriptions":[]}

If I paste the same URL into my web browser when I am logged into Google, it 
returns the subscriptions successfully. If I then log out and try it, it 
returns the same data my app returns, so it would seem to be an authentication 
issue.

It seems like I'm not the only one to have experienced it suddenly fail to work 
in the past few days, although what caused it remains unknown:
http://stackoverflow.com/questions/8684769/problems-with-googles-oauth

Can anyone else shed some light on this?

I'm running it on OS X 10.6.8 using Xcode 4.2.

According to the OAUth2 speciification, the result of an authentication token 
should be a JSON body. There are however OAUth2 providers that provide an HTTP 
form response (access_token=token&token_type=). GitHub's API is one where I 
encountered this. I've heard that Facebook has the same problem.

The attached patch adds support for form field responses; It looks at the 
response headers to determine whether JSON or form fields should be used.

Any chance migrating library to arc?

What steps will reproduce the problem?
1. Need to add additional query string parameter to the authentication HTML URL 
request. The ability to add parameters exists in the GTMOAuth2SignIn class, 
however the view controller instantiates the signIn instance and therefore 
requires you to subclass the view controller in order to set 
additionalAuthorizationParameters on the sign in object.

This is for signing into LinkedIn; they require an additional 'state' query 
string parameter. https://developer.linkedin.com/documents/authentication


What is the expected output? What do you see instead?
Ability to affect the auth URL without having to subclass the OAuth2 web view 
controller.


What version of the product are you using? On what operating system?
iOS 6.1, bringing in the source via CocoaPods.

Please provide any additional information below.

Thanks,
Rene

What steps will reproduce the problem?
1. Login to an account with a sheffield.ac.uk (we use SAML SSO with Google). 
2. Get redirected to our internal CAS service (correct)
3. Get logged into our portal (incorrect... this generally happens because the 
URL query string is missing that tells CAS to redirect you back to our SAML IdP 
before getting passed to Google)

What is the expected output? What do you see instead?

OAuth Token never gets generated as Google never receives a valid SAML response 
from our IdP. 


What version of the product are you using? On what operating system?

Example application compiled from latest SVN.

Please provide any additional information below.

I've been discussing this problem with the developers of BusyCal. It seems that 
gtm-oauth2 is not playing nicely with our IdP. We get to the google sign in 
page, which on receipt of a sheffield.ac.uk domain redirects you to our SAML 
IdP, which in turn redirects you to our internal CAS servers (our internal 
authentication). By this point, the query string seems to have been removed, 
which causes our CAS server to log you into the default service (our internal 
portal) and the request never gets back to the Google SP. 

Fix the
'GTMHTTPFetcher.h' file not found 
error which appears when importing gtm-oauth2 with cocoapods

For a more native user experience, Resource Owner Password Credentials Grant is 
essential.

As the title I'm unable to customize these properties.

I'm looking to edit the navigationBar color, navigationBar 
button/attributedString attributes, navigationBar title/attributedString 
attributes.

I've already tried overriding setUpNavigation and subclassing, but the result 
is shitty; with shitty I means:

1. If I set the attributedString attributes the text will disappear
2. Can't even set the tintColor

This is happening only with this class.

What steps will reproduce the problem?
1. Update example app to use another service provider
2. Provide client ID/secret key
3. Press Sign-In

What is the expected output? What do you see instead?
I expected my app to regain the control after web page authorization finishes. 
If I separately check my service provider then it says my app has been granted 
access. In my if I manually pop the web view, 
viewController:finishedWithAuth:error reports authentication failure.

What version of the product are you using? On what operating system?
trunk. iOS 5.

Please provide any additional information below.

I’ve recently updated gtm-oauth2 to the CocoaPods package manager repo.

CocoaPods is a tool for managing dependencies for OS X and iOS Xcode projects 
and provides a central repository for iOS/OS X libraries. This makes adding 
libraries to a project and updating them extremely easy and it will help users 
to resolve dependencies of the libraries they use.

However, gtm-oauth2 doesn't have any version tags. I’ve added the current 
HEAD as version 0.0.1, but a version tag will make dependency resolution much 
easier.

Semantic version tags (instead of plain commit hashes/revisions) allow for 
resolution of cross-dependencies.

In case you didn’t know this yet; you can tag the current HEAD as, for 
instance, version 1.0.0, like so:

$ git tag -a 1.0.0 -m "Tag release 1.0.0"
$ git push --tags

This class is way too complicated/overloaded.  As a result, it is hard to 
customize.  

1.  Needs better MVC separation.
2.  There are two classes defined in the same class file 
GTMOAuth2ViewControllerTouch and GTMOAuth2Keychain.
3.  Needs ARC compliance.
4.  The finishedSelector can be removed entirely as developers should use 
blocks instead.  This makes the code simpler and cleaner to work with.
5.  Needs support for Storyboard UIs with segue to this authentication 
controller.

What steps will reproduce the problem?
1. attempt to upload a video to YouTube on iOS
2.
3.

What is the expected output? What do you see instead?
assertion failure at GTMHTTPUploadFetcher.m:402
Apparently as a result of using a google account with no YouTube account 
channel.

What version of the product are you using? On what operating system?
latest as of dec 3 2013

Please provide any additional information below.

What steps will reproduce the problem?
1. Open the iOS GTMOAuth2ViewControllerTouch

What is the expected output? What do you see instead?
You'll  see "ugly" buttons that belong in iOS6 and before.
Instead I would like to see simplified buttons that fit the iOS 7 (and 8) UX.

What version of the product are you using? On what operating system?
iOS 7.1

I ran into an issue when using gtm-oauth2 to authenticate against an OAuth2 
provider that requires a redirectURI in the form of scheme:/path.

Web authentication is successful but the WebView delegate fails to match the 
redirected request to the redirectURI.

This patch updates the requestRedirectedToRequest method of the GTMOAuth2SignIn 
object to compare scheme and path of the redirectURI when the host is missing. 
This fixes the issue I encountered.

What steps will reproduce the problem?
1.trying to access the token from keychain


What is the expected output? What do you see instead?
i want to set the token directly and perform the upload. Instead a pop up comes 
asking the permission to access the keychain.

What version of the product are you using? On what operating system?
GTM-OAUTH2 in  Mac OS X 10.6


Please provide any additional information below.
i neednot require any pop ups that asks permission which allows or denies it. i 
want the upload to be done directly

What steps will reproduce the problem?
0. Start with an iOS application where you are not yet signed in to Google
1. Go through an application flow for iOS that requires sign-in
2. Touch the "sign up" button to create a new account
3. Watch the behavior of the UIWebView as it redirects you to an account 
sign-up page

What is the expected output? What do you see instead?

The sign-in page is presentationally optimized for mobile: 
https://accounts.google.com/ServiceLogin?[queryparameters]. The sign-up page 
that the UIWebView directs to from there when the user clicks -- 
https://accounts.google.com/SignUpGadget?[queryparameters] is not mobile 
optimized.

Moreover, the UIWebView is not set to allow the content to be zoomable! Even if 
SignUpGadget is not presenting mobile-optimized HTML -- this is likely beyond 
the scope of this codebase -- the UIWebView should assume it may have to zoom 
or unzoom its content. The server can override this on pages where it knows 
better by including <meta name="viewport" content="user-scalable=no"> in the 
content -- as indeed is done for ServiceLogin -- but the client's baseline 
assumption should be different.


What version of the product are you using? On what operating system?

7-Oct-2011 release of gtm-oauth2. Running on the XCode 4.2 iOS 5.0 simulator 
(bug originally reported on real hardware, though.)


Please provide any additional information below.

What steps will reproduce the problem?

1. Open the Touch Example App
2. Validate for App Store submission
3. Validator responds with - iTunes Store operation failed. The app references 
non-public selectors ... setCookies. See attached image.



What version of the product are you using? On what operating system?

The latest (r124)



Please provide any additional information below.

The following fixes the validation, but evidently will limit functionality if 
it breaks any sort of NSHTTPCookieStorage logic. 

Changing GTMHTTPFetcher.h:396

from:

- (void)setCookies:(NSArray *)newCookies;

to:

- (void)setCookiesNow:(NSArray *)newCookies;

& changing GTMHTTPFetcher.m:983

from:

[cookieStorage_ setCookies:cookies];

to;

[cookieStorage_ setCookiesNow:cookies];

Resource Owner Password Credentials Grant is not supported yet.
and in order to comply with the document "rfc6749", especially "4.5.  Extension 
Grants", provider-extended grant should be supported.

The code of GTMOAuth2ViewControllerTouch's -popView make the pop animation ugly:
    if (!self.view.isHidden) {
      // Set the flag to our viewWillDisappear method so it knows
      // this is a disappearance initiated by the sign-in object,
      // not the user cancelling via the navigation controller
      didDismissSelf_ = YES;

      if (popViewBlock) {
#if NS_BLOCKS_AVAILABLE
        popViewBlock();
        self.popViewBlock = nil;
#endif
      } else {
        [self.navigationController popViewControllerAnimated:YES];
      }
      self.view.hidden = YES;
    }

I think didViewAppear_ or didDismissSelf_ can by used instead of 
self.view.isHidden as the flag to determine the run path of code so that 
self.view.hidden need not be set to YES here.

What steps will reproduce the problem?
1. Initialize GTMOAuth2ViewControllerTouch with an instance of 
GTMOAuth2Authentication configured with a custom provider
2. Push the view controller instance on the navigation stack and wait for the 
login page to load 
3.

What is the expected output? What do you see instead?

An empty page is loaded if the login page is relying on basic HTTP 
authentication (example is an ADFS server). This is due to the fact that the 
UIWebView does not handle authentication and GTMOAuth2ViewControllerTouch does 
not mitigate this. Hence the support is not there. If the authentication 
endpoint URL is opened in Safari, a popup asking for credentials is shown.

What version of the product are you using? On what operating system?
Revision 117, iOS 5.1, iOS 6.1 OS X 10.8.5. Xcode 4.X.

Please provide any additional information below.

I was using 1.0.125 and it was showing correctly the uiwebview. When I updated 
my pods specs, that version updated to 1.0.126 and suddenly the webview stopped 
to show anything. I believe (because I didn't test it properly) isn't retaining 
the webview and closes before loading anything, so you can never login, etc...

DiskCookieStorage changing policy from 0 to 2, cookie file: 
file:///Users/James/Library/Developer/CoreSimulator/Devices/81664719-D3D3-4FAC-9
D68-4BA845AFB0F5/data/Containers/Data/Application/87A986CD-F7E2-4ED2-BC81-3EE208
9097C4/Library/Cookies/Cookies.binarycookies