Azure Google Authentication shows Error:disallowed

2018-07-03 17:53:53

I encountered this error quite recently Error Message

I think it's due to this change in Google Oauth: https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html.

I'm using Azure Authentication service to authenticate my iOS application written in Xamarin Forms (C#).

The code requests Azure Authentication service:

var window = UIKit.UIApplication.SharedApplication.KeyWindow;
var root = window.RootViewController;
if(root != null)
{
    var current = root;
    while(current.PresentedViewController != null)
    {
        current = current.PresentedViewController;
    }

    var user = await AzureService.Instance.Client.LoginAsync(window.RootViewController, MobileServiceAuthenticationProvider.Google, new Dictionary<string, string>() { { "access_type", "offline" } });
    return user;
}

The URL request is:

using(var client = new HttpClient())
{
    const string url = "https://www.googleapis.com/oauth2/v3/userinfo?alt=json&suppress_webview_warning=true";
    client.DefaultRequestHeaders.Add("Authorization", token);
    var json = client.GetStringAsync(url).Result;
    var profile = JsonConvert.DeserializeObject<GoogleUserProfile>(json);
    return profile;
}

However it still shows me the error: The Azure authentication for Google is setup correctly as I have been using this setup for over a month until recently. Anyone got the same problem or any idea how to solve this problem?

The short version is that Google changed the OAuth protocol to be "more secure". We are currently working on updates to the various client SDKs to enable the new more secure method, which affects server-flow only.

The short version of what to do is to implement client-flow. Integrate the Google SDK into your app and then send that received token to the backend. Since you are in Xamarin.Forms, this will mean implementing something in the platform-specific code.

Sorry, I don't have an example of this. I have done FB auth and AAD auth, but not Google auth at this point. The concepts are the same, however. You need to do Google Auth in your platform specific code, then call the ZUMO auth endpoint using something akin to this:

public async Task<MobileServiceUser> LoginAsync(MobileServiceClient client)
{
    // Call the code to do the Google Auth via the Google SDK
    var accessToken = await LoginGoogleAsync();
    // Construct and call the client-flow ZUMO auth
    var zumoPayload = new JObject();
    zumoPayload["access_token"] = accessToken;
    return await client.LoginAsync("google", zumoPayload);
}

The next release of each Azure Mobile Apps SDK will include the Google OAuth changes. I don't have a timeline for those releases, unfortunately.

链接地址: http://www.djcxy.com/p/94008.html

上一篇: 增加大的效率

下一篇: Azure Google身份验证显示错误：不允许