Attempt to exchange Google's authorization code when given one instead of as a JWT #997
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
flaviofernandes004
force-pushed
the
ff-fix-auth-flow
branch
2 times, most recently
from
24faccf
to
772a5d7
Compare
flaviofernandes004
changed the title
flaviofernandes004
force-pushed
the
ff-fix-auth-flow
branch
from
a167763
to
1f41b96
Compare
| c.logger.Debug("Exchanged an authorization code for an access token.", zap.Any("token", t), zap.Error(err)) | ||
|
|
||
| profile := GooglePlayServiceProfile{} | ||
| if err := c.request(ctx, "google play services", "https://www.googleapis.com/games/v1/players/me?access_token="+url.QueryEscape(t.AccessToken), nil, &profile); err != nil { |
There was a problem hiding this comment.
this requires the following scope: https://developers.google.com/games/services/web/api/players/get#auth
There was a problem hiding this comment.
Let's make sure this gets documented. 👍
flaviofernandes004
changed the title
|
I was able to authenticate correctly with version 0.11.1 of the google play unity plugin. So I'd say it's working. Couple of things regarding the config:
|
|
Awesome, thank you for taking a look. The content of the config |
zyro
requested changes
Mar 22, 2023
main.go
Outdated
| @@ -132,8 +134,18 @@ func main() { | |||
| // Check migration status and fail fast if the schema has diverged. | |||
| migrate.StartupCheck(startupLogger, db) | |||
|
|
|||
| var googleAuthConf *oauth2.Config | |||
There was a problem hiding this comment.
Move this into the config, similar to the RuntimeConfig.Environment field which is computed and stored after config is read.
| c.logger.Debug("Exchanged an authorization code for an access token.", zap.Any("token", t), zap.Error(err)) | ||
|
|
||
| profile := GooglePlayServiceProfile{} | ||
| if err := c.request(ctx, "google play services", "https://www.googleapis.com/games/v1/players/me?access_token="+url.QueryEscape(t.AccessToken), nil, &profile); err != nil { |
There was a problem hiding this comment.
Let's make sure this gets documented. 👍
zyro
approved these changes
Mar 22, 2023
deflinhec
added a commit
to deflinhec/nakama
that referenced
this pull request
Mar 30, 2023
* master: (27 commits) Satori API integration fixes (heroiclabs#1005) Attempt to exchange Google's authorization code when given one instead of as a JWT (heroiclabs#997) manually revert protobufany and updategroup in swagger.json (heroiclabs#1003) Make haystack cursors consistent with listing (heroiclabs#994) Support purchases-not-null-uid.sql migration on crdb. (heroiclabs#992) Add runtimes satori integration (heroiclabs#993) Disconnect banned users (heroiclabs#1001) Add runtime http insecure flag (heroiclabs#1002) Add Go runtime GroupUpdate userID param (heroiclabs#996) Better handling of matchmaker operations while the interval process is running. Ensure direct message channel message listing is correctly scoped to participants only. Update get purchase/subscription signature (heroiclabs#990) Fix reversal of open/closed group listing filter (heroiclabs#989) Always log out a deleted user (heroiclabs#987) Listing returned vars (heroiclabs#986) Add tournament record delete runtime functions. (heroiclabs#977) Improve google refund polling handling. (heroiclabs#982) Console user and authentication improvements. (heroiclabs#978) Console session handling improvements. (heroiclabs#979) Fix google purchase upsert query. (heroiclabs#973) ... # Conflicts: # console/ui/dist/prod-nt/index.html # console/ui/dist/prod/index.html
deflinhec
added a commit
to deflinhec/nakama
that referenced
this pull request
Mar 30, 2023
* master: (27 commits) Satori API integration fixes (heroiclabs#1005) Attempt to exchange Google's authorization code when given one instead of as a JWT (heroiclabs#997) manually revert protobufany and updategroup in swagger.json (heroiclabs#1003) Make haystack cursors consistent with listing (heroiclabs#994) Support purchases-not-null-uid.sql migration on crdb. (heroiclabs#992) Add runtimes satori integration (heroiclabs#993) Disconnect banned users (heroiclabs#1001) Add runtime http insecure flag (heroiclabs#1002) Add Go runtime GroupUpdate userID param (heroiclabs#996) Better handling of matchmaker operations while the interval process is running. Ensure direct message channel message listing is correctly scoped to participants only. Update get purchase/subscription signature (heroiclabs#990) Fix reversal of open/closed group listing filter (heroiclabs#989) Always log out a deleted user (heroiclabs#987) Listing returned vars (heroiclabs#986) Add tournament record delete runtime functions. (heroiclabs#977) Improve google refund polling handling. (heroiclabs#982) Console user and authentication improvements. (heroiclabs#978) Console session handling improvements. (heroiclabs#979) Fix google purchase upsert query. (heroiclabs#973) ... # Conflicts: # console/ui/dist/prod-nt/index.html # console/ui/dist/prod/index.html
deflinhec
added a commit
to deflinhec/nakama
that referenced
this pull request
Mar 30, 2023
* master: (27 commits) Satori API integration fixes (heroiclabs#1005) Attempt to exchange Google's authorization code when given one instead of as a JWT (heroiclabs#997) manually revert protobufany and updategroup in swagger.json (heroiclabs#1003) Make haystack cursors consistent with listing (heroiclabs#994) Support purchases-not-null-uid.sql migration on crdb. (heroiclabs#992) Add runtimes satori integration (heroiclabs#993) Disconnect banned users (heroiclabs#1001) Add runtime http insecure flag (heroiclabs#1002) Add Go runtime GroupUpdate userID param (heroiclabs#996) Better handling of matchmaker operations while the interval process is running. Ensure direct message channel message listing is correctly scoped to participants only. Update get purchase/subscription signature (heroiclabs#990) Fix reversal of open/closed group listing filter (heroiclabs#989) Always log out a deleted user (heroiclabs#987) Listing returned vars (heroiclabs#986) Add tournament record delete runtime functions. (heroiclabs#977) Improve google refund polling handling. (heroiclabs#982) Console user and authentication improvements. (heroiclabs#978) Console session handling improvements. (heroiclabs#979) Fix google purchase upsert query. (heroiclabs#973) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To actually run the server with the code in this PR, the following steps are necessary:
go build -trimpath -mod=vendorat the root folder and this should create anakamafiledocker-compose -f ./docker-compose-postgres.yml up postgres./nakama --name nakama1 --database.address postgres:localdb@0.0.0.0:5432/nakama --logger.level DEBUG --session.token_expiry_sec 7200 --config ./<insert-nakama-custom-conf-location>.yamlNotice that in step 5 we are, essentially, replacing the db address from
postgres:localdb@**postgres**:5432/nakamatopostgres:localdb@**0.0.0.0**:5432/nakama. To allow your local process to communicate with the database running in docker.New configuration that is required to allow the server to exchange the authorization code for an access token.
It should be obtained by following these instructions: https://developers.google.com/games/services/console/enabling#b_create_a_credential