0

So i got an application witch uses cloud endpoints in order to connect with app engine backend. Its working perfectly on physical devices and andy emulator.

Yet when i try to authenticate on arc i get following error in javascript console

Authentication error Error: Invalid OAuth2 scopes

with the following stack

"Error: Invalid OAuth2 scopes.
at Error (native)
at Object.callback (chrome-extension://kanlgeedkacgohmccakppmlicnfgfpnl/_modules/mfaihdlpglflfgpfjcifdjdjcckigekc/gen_index.min.js:36:159)
at safeCallbackApply (extensions::sendRequest:21:15)
at handleResponse (extensions::sendRequest:73:7)"

Error happens on auth.js:94 witch looks like this

/** @private */
AuthManager.prototype.handleGetAuthToken_ = function(message) {
console.log('Authentication requested', message);

var reply = (function(data) {
var responseMessage = {
  namespace: 'androidIdentity',
  command: 'getAuthTokenResponse',
  data: data
};
  this.plugin_.postMessage(responseMessage);
}).bind(this);

var options = { 'interactive': true };
var scopes = this.parseScope_(message.data.tokenType);
if (scopes.length > 0) {
options.scopes = scopes;
}

// This call will pop up a window to ask user for permission to grant
// permissions of the given OAuth2 scopes, or declared scopes in
// manifest.json as a fallback.
//
// For non-signed-in Chrome session, this will open up a window to ask the
// user to sign in to Chrome first.
PromiseWrap.getAuthToken(options).then(function(token) {
  console.log('Authentication successful');
   reply({token: token});
   }, function(error) {
     console.error('Authentication error', error); // line 94 is here :(
     reply({error: error.message});
   });
};

I followed these steps:

1- download zip from arc welder
2- upload to chrome webstore
3- get id + "crx_key" from chrome webstore
4- get chrome key from developer console associated with application
5- launch arc welder and add oauth key 
6- add metadata "usePlayServices": ["gcm", "plus","location", "maps"],"crx_key":"<KEY FROM WEBSTORE>"
7- launch app - chose google account - get an oauth exception

I cannot get logcat data, all it do its printing ridiculously fast that it cannot connect, oh and i'm doing that on mac.

Edit

It appears that endpoints are using deprecated scope of

    https://www.googleapis.com/auth/userinfo.email
Community
  • 1
  • 1
Adam Fręśko
  • 1,064
  • 9
  • 14

1 Answers1

1

[edit]

Cross client authentication is not yet supported on ARC. If the app requests auth token for scope like "oauth2:server:client_id:9414861317621.apps.googleusercontent.com:api_scope:resource-1 resource-2", it won't work yet. Here is an related bug for tracking.

[original]

Did you enable "Google+ API" on Google Developers Console?

By the way, you should create the Chrome Apps client under the same project as your Android app, if you didn't. That way, you don't need to open APIs again.

Victor
  • 347
  • 1
  • 6
  • Thanks for answear kind sir. Yes i have that enabled, but it should be not needed since i'm not using "https://www.googleapis.com/auth/plus.login" – Adam Fręśko Apr 11 '15 at 02:52
  • I read the problem again. Are you using "ah" scope in AccountManager for App Engine? It's not supported on ARC unfortunately since it's not OAuth. Here is how to double check: before the line "Authentication error", there should be a "Authentication requested" followed by the scope being requested. – Victor Apr 11 '15 at 16:56
  • Log data for that looks like this: Authentication requested Objectcommand: "getAuthToken"data: ObjecttokenType: "audience:server:client_id:" – Adam Fręśko Apr 12 '15 at 02:13
  • I see the problem. ARC doesn't currently support cross client authentication (https://developers.google.com/identity/protocols/CrossClientAuth) yet. https://code.google.com/p/chromium/issues/detail?id=297129 is the related bug. I'll update my answer for future reference. – Victor Apr 13 '15 at 17:51
  • Oh, i was thinking of going this lead :) Yes my app uses cross authentication. I guess we all need to note that ARC app is also a chrome app with its limitations. Thanks! – Adam Fręśko Apr 14 '15 at 01:26