Cannot authenticate "Error: invalid_scope" #71
Comments
|
Original comment by Diego Carrión (Bitbucket: 0x783czar, ). I started getting is error last Friday too, on two different accounts. |
|
Original comment by Richard Schuster (Bitbucket: richtubesockss, ). I get this error, and have tried changing the scope url parameter to the various scopes on https://developers.google.com/+/web/api/rest/oauth#authorization-scopes They succeed and give me a code, but pidgin gives me an auth error upon creating the account using each code I've tried. I double-checked on https://developers.google.com/oauthplayground/ and re-tried the url with all of the following scopes under "Google OAuth2 API v2," space-delimited (as per google documentation): [https://accounts.google.com/o/oauth2/auth?client_id=936475272427.apps.googleusercontent.com&scope=https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code](https://accounts.google.com/o/oauth2/auth?client_id=936475272427.apps.googleusercontent.com&scope=https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code) The request succeeds and gives me a code but I still get an auth error in pidgin. I don't see another sensible scope to try. As a last-ditch effort I tried adding guesses and got this error as a response: Error: invalid_scope Some requested scopes were invalid. {valid=[https://www.googleapis.com/auth/plus.login, https://www.googleapis.com/auth/plus.me, https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile], invalid=[OAuth2, oauthlogin, oauth2login, OAuthLogin, OAuth2Login, oauth2, oauth, OAuth]} |
|
Original comment by Anagh (Bitbucket: anaghzaccount, GitHub: anaghzaccount). I used Richard's first url and added a response type, it generated a code. The Google page says "Sign in to Google Search, Play and other Google apps on your Android TV.", and the generated code gives auth error on pidgin. Maybe tweak the code a bit? |
|
Original comment by Eion Robb (Bitbucket: EionRobb, GitHub: EionRobb). This is mentioned on the front page of the plugin, but pasting here in case it's missed: "...if you still have a working Hangouts on an existing version of Pidgin you can copy the access token out of the 'password' field in your ~/.purple/accounts.xml and paste that into the new accounts.xml while Pidgin is not running." Edit: oh, and that this is also being tracked in the hangups issue tracker since other 3rd party Hangouts apps/plugins aren't working tdryer/hangups#260 |
|
Original comment by Eion Robb (Bitbucket: EionRobb, GitHub: EionRobb). Theres a workaround to get the OAuth code at tdryer/hangups#260 (comment) |
|
Original comment by Michael Romeos (Bitbucket: mromeos, GitHub: mromeos).
|
|
Original comment by Anagh (Bitbucket: anaghzaccount, GitHub: anaghzaccount). +1. It works! |
|
Original comment by Paolo Lòpez (Bitbucket: paolo_lopez, ). I could not get oauth_code using: but yes using link dequis described at: I finally obtain oauth_code in "cookies tab" and then in "response cookie" (not "request cookie" because oauth_code are different) These steps worked for me using firefox. Regards, |
|
Original comment by Diego Carrión (Bitbucket: 0x783czar, ). dequis link worked for me, though since I was already logged in, I just needed to have the network tab open before loading the page (or refreshing it) |
|
Original comment by Violet (Bitbucket: bitbotcat, ). Edit: Sorry, had a question about using a Google apps account but I somehow got it working with this method. Yay! The question I have is that if I tried these methods a couple of times and failed, what happens to those other oauth keys that seemingly got created just by loading that page? I don't want them floating around creating a security hole. I notice that it doesn't appear under my normal Oauth apps in Google. How can I revoke them? |
|
Original comment by Xandor Schiefer (Bitbucket: zeorin, GitHub: zeorin). I just set this up on a new machine and I also noticed this. I tried tdryer/hangups#260 (comment) again and found a response cookie with that method. |
|
Original comment by dx (Bitbucket: dequisdequis, ). @mromeos that url doesn't have the required scopes for the hangouts connection to work at all, all it provides is userinfo.email. The cookie you're probably seeing is the one that was set when trying the programmatic_auth method first. @seitz followed the video? https://www.youtube.com/watch?v=hlDhp-eNLMU - it's easier if you log out of the account first. |
|
Original comment by cdellin (Bitbucket: cdellin, GitHub: cdellin). I wrote a little Python script to automate @dequisdequis's sweet workaround. If you sign on correctly in the window that pops up, it will dump the oauth_code found to the terminal. Works for me in Debian. https://gist.github.com/cdellin/6b9bae1310f2ee6b47ba3663bdcb1ded |
|
Original comment by dx (Bitbucket: dequisdequis, ).
Since you're asking: no, it's quite shitty and we'd rather not. Hangups has it easy because it's python and it just introduced a dependency to a third party library for html scraping. Not so easy here. On the bright side, I'm not the one who has to do it. Eion is a masochist and he likes protocols. Thanks Eion! |
|
Original comment by Matthew Hailwood (Bitbucket: hailwoodnz, ). Alrighty, So I'm getting a rather strange behaviour after following the above method, The contact list begins to populate, which is great, but shortly after that (1 second or so) the whole app crashes, upon which I'm asked for the oauth code again. Trying the process again has the same issues. |
|
Original comment by dx (Bitbucket: dequisdequis, ). @hailwoodnz Please open a new ticket, include a backtrace: https://developer.pidgin.im/wiki/GetABacktrace EDIT: also, if you're not using the latest commit, try with that |
|
Original comment by Sheree Grier (Bitbucket: Shaeree, GitHub: Shaeree). At first, using the 'dequis' method caused Pidgin to immediately crash on Windows (edit: to clarify--immediately after entering the OAuth code), and then immediately crash on start every time after that, as long as that account was in 'accounts.xml'. Even re-tried with a fresh Google account, and then with a fresh .purple folder, and always got the crash-on-startup. However, when I started over with a fresh Pidgin installation (big frowney face), it worked. |
|
Original comment by dx (Bitbucket: dequisdequis, ). Yeah at this point it's clear that all crashes happen to people who aren't running the latest version of the plugin. |
|
Original comment by Sheree Grier (Bitbucket: Shaeree, GitHub: Shaeree). Has there been a new version in the last hour? Update: Heh, dx. It was an older version, all right--but not an older version of puple-hangouts. Somehow, it was an older version of purple-facebook causing this. purple-facebook seemed to work fine by itself and with existing purple-hangouts account setups--I saw zero symptoms until I tried to add a new purple-hangouts account. Crash-issue is resolved after updating purple-facebook. Strange! |
|
Original comment by Colin Griffith (Bitbucket: Tynach, GitHub: Tynach). I'm not sure it's a good idea to try to reverse engineer this to the point that it doesn't load up a web page for authentication. In particular, I use 2-factor authentication, and so @cdellin's Python script fails - but it at least gave me the correct URL to open up in an incognito window so that I could get the oauth code manually. |
|
Original comment by Steven Mercurio (Bitbucket: [Steven Mercurio](https://bitbucket.org/Steven Mercurio), ). Can the dequis workaround be added to the readme under the 400 issue for easy reference as it does seem to be a working workaround? I am not a web developer but would the best solution to this issue be a Chrome or Firefox plugin that goes basically what the workaround does? |
|
Original comment by Eion Robb (Bitbucket: EionRobb, GitHub: EionRobb). @smercurio Good idea, thanks... I've added that to the readme on the front page :) |
|
Original comment by Sheree Grier (Bitbucket: Shaeree, GitHub: Shaeree). I have to update the oauth code on two accounts every month, and having the video pop up every time is pretty annoying, especially since it steals the focus from me pasting the oauth code to do it. Any chance maybe the video popup could be replaced with a link to tdryer/hangups#260 (comment) on the oauth popup instead? |
|
Original comment by Sheree Grier (Bitbucket: Shaeree, GitHub: Shaeree). I'm not sure what you mean by "remotely logging out the plugin", but it happens every time my computer reboots after patching, which is once a month. (it doesn't happen during other reboots.) I just figured the code was expiring after a month... Is that not the case? One of the accounts is a standard gmail account, the other is a gapps account that hands authentication off to our CAS and uses Duo 2FA. It's both of them every time. |
Original report by Eion Robb (Bitbucket: EionRobb, GitHub: EionRobb).
When trying to authenticate in the browser with the plugin at the url
https://accounts.google.com/o/oauth2/auth?client_id=936475272427.apps.googleusercontent.com&scope=https://www.google.com/accounts/OAuthLogin&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code
there is an error message
Error: invalid_scope.
The text was updated successfully, but these errors were encountered: