I have an app on node.js using everyauth authentication returning tokens of the form
{ access_token: 'ya29.AHES6ZTlm9qdoFuY9sdpdmFTJISGaQ_69LnW8fszSzPjSCs',
token_secret:
{ token_type: 'Bearer',
expires_in: 3600,
id_token: 'eyJhbGciOisdUzI1NiJ9.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiaWQ
iOiIxMTQ0MDU3NTM5MTg1NTk1Mzc3NzciLCJhdWQiOiI0NDcwOTkyNjgzMjAuYXBwcy5nb29nbGV1c2V
yY29udGVudC5jb20iLCJjaWQiOiI0NDcwOTkyNjgzMjAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20
iLCJ0b2tlbl9oYXNoIjoicEFXMDBIaUdaSWNRaWMtM09TLU9vQSIsImlhdCI6MTM0NjMyMzQwMiwiZXh
wIjoxMzQ2MzI3MzAyfQ.HUAhg2hdBUB2n1oUFW_9MOxAyr2O7u8GFkShxggTL2o2tBpwIi0_jLIuD1ri
mGkZwdlR5DwjODe4w2w2rLzPpb3YPCeh19zWg7pxP0huqvuVl3cPLXOkWxke46WIH9KNSQbV3oX34GA4
jTvzEV2-HCR_-GhDeG245FTSpxYpTnE',
refresh_token: '1/Ns-89zzHPbIJlFYXAOCn4dKqxklN4Wc0Og-Gga5XSJA' } }
At this point how do I make an 'authorized request' (get a list of files)?
I've tried using node-auth in this form:
googleOAuth = new OAuth("https://accounts.google.com/o/oauth2/auth",
"https://accounts.google.com/o/oauth2/token",
config.clientID, config.secret,
"1.0A", undefined, "HMAC-SHA1");
googleOAuth.get('https://www.googleapis.com/drive/v2/files/list', token.access_token, token.token_secret.id_token, function (error, data) {
if(error){
console.log(error)
}else{
console.log(data)
}
});
After I've clicked 'Allow access' on the google prompt, the googleOAuth.get logs the error
{"error":{"statusCode":401,"data":"{\n \"error\": {\n \"errors\": [\n {\n \"domain\": \"global\",\n \"reason\": \"authError\",\n \"message\": \"Invalid Credentials\",\n \"locationType\": \"header\",\n \"location\": \"Authorization\"\n }\n ],\n \"code\": 401,\n \"message\": \"Invalid Credentials\"\n }\n}\n"}}
What authentication should I be passing with my get request to get a valid file listing?
It seems odd using two authentication libraries. I'm not sure how I can make a signed request with everyauth, though. It seems to be for 'logging in with' a service only.
1) In my everyauth register users function I updated the scope to include google drive.
exports.register = function register (everyauth, conf, users) {
everyauth['google']
.appId(conf.google.clientID)
.appSecret(conf.google.secret)
.scope('https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/userinfo.profile') // ADDED ADDITIONAL SCOPE VALUE HERE
.findOrCreateUser(function (sess, token, accessTokenExtra, googleUserData) {
var user = users.find('google', token);
if (user) {
return user;
} else {
return users.add('google', sess.id, token, accessTokenExtra, googleUserData);
}
})
.redirectPath('/');
};
2) In my request I abandoned node-oauth and use request, with the access token as a parameter.
// was googleOAuth.get('http.... etc
request('https://www.googleapis.com/drive/v2/files?access_token= + token.access_token, function (error, response, body) {
if(error){
callback(error, null);
}else{
callback(null, data);
}
});
3) At this point I'm now getting 403 errors returned, instead of 401 errors.
The missing action was to set Google Drive API as well as Google Drive SDK on in my control panel as per the answer to this question https://stackoverflow.com/a/10370391/1408316