I have successfully used the OAuth1.0 + OpenID Hybrid protocol for authentication with Google and after that I used its services.
However, I encountered an error for a specific user account. My current thread:
1. Perform discovery.
2. Redirect the user to the provider with the OpenID and OAuth parameters (for example: https://accounts.google.com/o/openid2/auth?https://accounts.google.com/o/openid2/auth?openid.ns=http://specs.openid.net/auth/2.0&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&.....&openid.ns.ext2=http://specs.openid.net/extensions/oauth/1.0&openid.ext2.consumer=mywebsite.com&openid.ext2.scope=https://picasaweb.google.com/data+https://www-opensocial.googleusercontent.com/api/people/+http://www.google.com/m8/feeds/).
3. Once the user successfully authenticates and approves the permission request, the application returns back to the above callback URL with a line similar to the above request, from which I extract the authorization token from "openid.ext2.request_token", and then I get the access token by passing it.
However, for a specific user account, instead of transferring the result, as indicated above, after successful authentication and granting permission, Google redirects to some URL https://accounts.google.com/o/openid2/approval?xsrfsign=AC9jObYAAAAATpF6x6S6Ac7MfHaZ, and then back to my application without any parameters in the query string.
The same code works fine for other accounts. I can't determine what could be special for one account (except that I created it only last month). As a note, this only happens when I include picasa in scope. If I exclude picasa, it works.
Please help us with this.
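The callback handling described in the question, written so that the empty-callback case is rejected explicitly instead of failing later at the access-token step. This is an added example, not code from the original post; the function name, the /callback path and the token value are assumptions, and the sample URLs are constructed.

```python
from urllib.parse import urlsplit, parse_qs

OAUTH_EXT_NS = "http://specs.openid.net/extensions/oauth/1.0"


class HybridResponseError(Exception):
    """The callback did not carry a usable OpenID+OAuth hybrid response."""


def extract_request_token(callback_url):
    """Return the approved OAuth request token from a hybrid callback URL."""
    query = parse_qs(urlsplit(callback_url).query, keep_blank_values=True)
    params = {k: v[0] for k, v in query.items()}

    # Case from the question: the provider redirected back with no parameters.
    if not any(k.startswith("openid.") for k in params):
        raise HybridResponseError("no openid.* parameters in callback")
    if params.get("openid.mode") != "id_res":
        raise HybridResponseError("openid.mode is not id_res")

    # The alias (ext2 in the question) is per message; find it by namespace URI.
    alias = next((k[len("openid.ns."):] for k, v in params.items()
                  if k.startswith("openid.ns.") and v == OAUTH_EXT_NS), None)
    if alias is None:
        raise HybridResponseError("OAuth extension missing from response")
    token = params.get("openid.%s.request_token" % alias)
    if not token:
        raise HybridResponseError("OAuth extension present but no request_token")

    # Only fields listed in openid.signed are covered by the assertion signature.
    # Verifying that signature is the OpenID library's job and is not done here.
    signed = set(params.get("openid.signed", "").split(","))
    if not {"ns." + alias, alias + ".request_token"} <= signed:
        raise HybridResponseError("request_token is not covered by openid.signed")
    return token


# Constructed sample callbacks (mywebsite.com is the consumer named in the question).
GOOD = ("https://mywebsite.com/callback?openid.ns=http://specs.openid.net/auth/2.0"
        "&openid.mode=id_res&openid.ns.ext2=http://specs.openid.net/extensions/oauth/1.0"
        "&openid.ext2.request_token=CONSTRUCTED_TOKEN"
        "&openid.signed=op_endpoint,ns.ext2,ext2.request_token")
EMPTY = "https://mywebsite.com/callback"

if __name__ == "__main__":
    print(extract_request_token(GOOD))
```

Logging the exception message per account separates a callback that arrived with no OpenID response at all from one where only the OAuth extension was dropped.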