[Dev] gsignond oauth plugin issue for mobiles

BINDU CHAITANYA TUMMALA bc.tummala at samsung.com
Wed Sep 24 10:23:42 GMT 2014


      We are using gSSO-example for mobile taken from upstream.
while using gsignond oauth mechanism, we found following issue.

As per google developer doc (https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi), there can be two types of redirect uri for oauth 2.0:
1) http://localhost
2) urn:ietf:wg:oauth:2.0:oob
- Issue with http://localhost
      The upstream gsso-example uses http://localhost:9999 as redirect uri. And if we use as it then it is giving SSL handshake error while calling authentication (gsso-example --get-google-token option).

- Issue with urn:ietf:wg:oauth:2.0:oob
      If we use urn:ietf:wg:oauth:2.0:oob as redirect uri then after entering username/password a web dialog appears which says "Please copy the below code and paste it into your application.”
And the gsso-example never gets the token. If we need to use this oob redirect uri in this case, as per google doc we need to listen to web title changes (the authorization code will come as web title with the format like : Success state=XXXXX&code=MY_ACCESS_TOKEN).
Modification of signonui-efl is required such that it listens to webkit title changes and also gsignond-plugin-oauth should be changed so that it parses the same accordingly.

so we would like to know whether localhost option can be used for mobile, if not for option oob should there be any modification from gSSO side.

best regards

More information about the Dev mailing list