none
"post of google token is not supported" 405 error RRS feed

  • Question

  • So I was very excited that the latest android sdk contains a direct hook up into android's native account manager thru

    MobileServicesClient.loginWithGoogleAccount(Activity activity, android.accounts.Account account, final UserAuthenticationCallback callback).

    And it works fine, until the last step in LoginManager:

    private void authenticateWithToken(String token, String url,
                final UserAuthenticationCallback callback) {

            // Create a request
            final ServiceFilterRequest request = new ServiceFilterRequestImpl(
                    new HttpPost(url), mClient.getAndroidHttpClientFactory());
            request.addHeader(HTTP.CONTENT_TYPE, MobileServiceConnection.JSON_CONTENTTYPE);

    The method generates a payload, auth token is there and looks good, but then after post you are greeted with: 405 post of google token is not supported.

    Now, this whole loginWithGoogleAccount flow is designed for android phones that are backed by the google auth provider. How can there be a 'not supported response?' Is this a future feature? What's the story behind it? Didn't see it documented anywhere - just stumbled upon it. Is there a way to send the token as a GET?

    Would appreciate any insight. Thanks guys!

    Tuesday, November 19, 2013 4:11 AM

All replies

  • I'm getting the same error when using the instructions posted on this page for how to do a client directed login using a google token.

    msdn.microsoft.com/en-us/library/windowsazure/jj710106.aspxerr

    Thursday, November 21, 2013 1:19 AM
  • You fudged a link a bit: http://msdn.microsoft.com/en-us/library/windowsazure/jj710106.aspx

    Didn't even know that info was posted. More reason for it to work then.

    Thursday, November 21, 2013 1:59 AM
  • Another person had a similar error when trying to set the Google token this way and the answer from Yavor (from the Mobile Services team) was that it was not currently supported but should be in the next few weeks. That was on Oct 8th so I am not sure if it should be working or not yet. Here is the question/answer on StackOverflow: http://stackoverflow.com/questions/19255633/azure-error-client-side-authentication-flow-with-google-is-not-supported

    But, that 'Client-directed login operation' documenation on the Azure site sure makes it seems like it should be working.

    Thursday, November 21, 2013 7:11 PM
  • Thanks for the info! If that's the case, we can't launch till that's available...
    Thursday, November 21, 2013 7:28 PM
  • There was a change in the service today. The POST is now enabled and it now requests "code and id_token". I will play with it and post results. If someone got it working, please post here as well.
    Saturday, November 23, 2013 5:25 PM
  • I think the format needs to be:

    {   

    "code": "4/P7q7W91a-oMsCeLvIaQm6bTrgtp7",

    "id_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.QR1Owv2ug2WyPBnbQrRARTeEk9kDO2w8qDcjiHnSJflSdv1iNqhWXaKH4MqAkQtMoNfABIPJaZm0HaA415sv3aeuBWnD8J-Ui7Ah6cWafs3ZwwFKDFUUsWHSK-IPKxLGTkND09XyjORj_CHAgOPJ-Sd8ONQRnJvWn_hXV1BNMHzUjPyYwEsRhDhzjAD26imasOTsgruobpYGoQcXUwFDn7moXPRfDE8-NoQX7N7ZYMmpUDkR-Cx9obNGwJQ3nM52YCitxoQVPzjbl7WBuB7AohdBoZOdZ24WlN1lVIeh8v1K4krB8xgKvRU8kgFrEn_a1rZgN5TiysnmzTROF869lQ.AxY8DCtDaGlsbGljb3RoZQ"

    }

    See https://developers.google.com/accounts/docs/OAuth2Login#sendauthrequest for more info on how to obtain the code and id_token.

    It seems like this is a reduction in user-friendliness to require the code and id_token to be passed instead of the access_token. The Mobile Service would normally retrieve the code and then exchange it for an access token (and id token) if you go through the server-directed flow, so it would be nice to not have to provide data from both of those steps.

    Saturday, November 23, 2013 6:36 PM
  • I got the whole flow implemented in the client. Finally I submit my code and id_token to azure and get back {"code":401,"error":"Error: The Google API request failed with HTTP status code 400"}. Google responds with 400 for an invalid_request. So azure is supposed to make a verification call on its end and that logic does not seem to work.

    What needs to happen is azure makes call to google with code, client_id, and client_secret (ones stored in the portal) and then compares the id_token that it receives with the id_token I sent it.

    The only discrepancy I could possibly see is that I use redirect_uri=urn:ietf:wg:oauth:2.0:oob (to get the auth code in the browser title bar - the only way to get the code within a native application), and Azure might be using a different redirect_uri (such as https://appname.azure-mobile.net/login/google).



    Monday, November 25, 2013 1:18 AM
  • Hello,

    A few weeks back we found a security issue in the client-side login flow for Google, which is why it was disabled as Yavor mentioned in the StackOverflow post. We're currently working to reenable that scenario, but the documentation is currently out-of-date, and we'll definitely update the client SDK to make it more user-friendly.

    As soon as I get more information from the product team about this scenario I'll update this post.


    Carlos Figueira

    Monday, November 25, 2013 3:18 AM
    Moderator
  • Thanks for the update, Carlos
    Monday, November 25, 2013 3:24 AM
  • Hy Guys...

    I have the google and twitter problem also, I want to login "silently" if you renter the app....

    I user the method : 

    LoginAsync(String identityProvider, jToken);


    As it says here: http://msdn.microsoft.com/en-us/library/windowsazure/dn296411.aspx and here : http://msdn.microsoft.com/en-us/library/windowsazure/jj710106.aspx

    for Google I pass access_token but no luck...for facebook it worked...Any suggestions?

    P.S.: for google...I see :

    {    
    "code": "4/P7q7W91a-oMsCeLvIaQm6bTrgtp7",
    "id_token": ""

    Where can I get the code field value ?


    Wednesday, February 19, 2014 10:49 PM
  • Carlos, is there an update on this issue?

    Will public void loginWithGoogleAccount(Activity activity, Account account, String scopes, final UserAuthenticationCallback callback) ever work again?

    Wednesday, August 27, 2014 7:53 PM
  • This is finally fixed. You shouldn't use "loginWithGoogleAccount" yet, though, as the format has changed. Check out the blog post at http://azure.microsoft.com/blog/2014/10/27/logging-in-with-google-microsoft-and-facebook-sdks-to-azure-mobile-services/ for more information on how this can be implemented.

    Carlos Figueira

    Monday, October 27, 2014 11:25 PM
    Moderator