7:39 p.m.
-----Original Message-----
From: Patrick Ohly [mailto:patrick.ohly@intel.com]
Sent: Monday, July 29, 2013 11:51 AM
To: Valluri, Amarnath
Cc: Laako, Jussi; Kanavin, Alexander; SyncEvolution; ken(a)vandine.org;
Alberto Mardegan
Subject: Re: getting started with gSSO (was: Re: SyncEvolution + SSO +
credentials)
On Thu, 2013-07-25 at 09:47 +0000, Valluri, Amarnath wrote:
> Please use oauth2 example in libgsignon-glib - examples branch, which
is the complete working example.
>
> Usage:
> ./google-oauth2-example --create-identity="some_caption" --identity-
method="oauth"
> ./google-oauth2-example --get-google-
token=<<identity_id_returned_above>> --cilent-
id=<<client_id_given_by_google>> --client-
secret=<<client_secret_from_google>>
>
> It should popup the SignonUI where you can enter your google
> credentials, then if everything goes well that should fetch tokens
> from google.
I tried it using the latest gsignond(devel), libgsignon-glib(examples),
signonui-gtk and gsignond-plugin-oa from this morning.
[Amarnath] gsignond-plugin-oa: I hope you are using devel branch.
I can create and query identities, but getting the token fails. It
hangs with "Geting token" (yes, there is a typo in the message ;-)
without popping up a UI dialog.
I know that it talks to the GTK UI, because if I try the example without
gsignon-ui running, I get an error from gsignond immediately:
(gsignond:28739): gsignond-WARNING **:
87679.089922 /home/pohly/src/accounts-sso/accounts-
sso.gsignond/src/daemon/dbus/gsignond-dbus-signonui-adapter.c:182
_setup_ui_connection Failed to get signon ui bus address :
GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name
com.google.code.AccountsSSO.gSingleSignOn.UI was not provided by any
.service files
(gsignond:28739): gsignond-WARNING **:
87679.090017 /home/pohly/src/accounts-sso/accounts-
sso.gsignond/src/daemon/dbus/gsignond-dbus-signonui-adapter.c:258
gsignond_dbus_signonui_adapter_query_dialog assert (!adapter
||!GSIGNOND_IS_DBUS_SIGNONUI_ADAPTER (adapter)) failed
That is as expected, in my installation D-Bus auto-activation of these
services does not work. However, it is unexpected that the example keeps
running in this particular error scenario. Shouldn't it abort the
attempt to get the token and display some kind of error?
[Amarnath] Oops, It should be a bug in gsignond. We will fix it.
When I have signonui-gtk running when trying the command, that error
message does not show up, but there's no visible progress either.
signonui-gtk then quits fairly quickly, as it always does when starting
it manually. May I suggest adding a "--keep-running" option to simplify
manual debugging?
[Amarnath] You can build UI with --disable-timeout option, that disables
auto kill timer.
Speaking of terminating, I noticed that the GUI works if I start
gsignond, then signonui-gtk and the example before that signonui-gtk
instance terminates. After restarting signonui-gtk, it no longer works
until I also restart gsignond. If I had to guess, then I would say
gsignond does not properly handle restarting the UI.
[Amarnath] This is strange for me, It's atleast working fine in my testing.
I suspect its problem with gsignond<->gsignond-plugind interaction. I suggest
to enable plugin timeout:
- build gsignond with --enable-debug option
- set SSO_PLUGIN_TIMEOUT=_timeout_in_seconds_
- then run gsignond
So how do I debug gsignond and its interaction with the various
components?
I saw with dbus-monitor that
com.google.code.AccountsSSO.gSingleSignOn.UI is claimed by signonui-gtk
on the session bus, but I don't see any method calls to that service
even when it works.
[Amarnath] gsignond<->signonui-gtk does not use message bus, they talk on
peer-to-peer dbus, Session bus is only used on to wake-up ui daemon.
I would suggest to use G_DBUS_DEBUG.
When the GUI pops up, I can log in. But Google rejects to grant the
token. When using client ID/secret from Evolution (as pointed out before
in this mail thread, those are publicly visible in
https://git.gnome.org/browse/evolution-data-server/tree/modules/ubuntu-
online-accounts/google-contacts.service.in.in) I get an error about the
redirect URI "http://localhost" that is used by the example.
[Amaranth] I think you should replace the 'RedirectURI' in example code to
use :
'https://live.gnome.org/Evolution'
When using my own client ID/secret for an app for which I have enabled
the CalDAV API, I get an error about the scope "email" hard-coded in the
example. Not surprising. So, which Google API do I need to enable for
the example? I looked for "GMail" or "mail", but that is not
currently
offered to me.
[Amarnath] A wild guess : Scope is 'calendar' in this case.
Cheers,
Amaranth
---------------------------------------------------------------------
Intel Finland Oy
Registered Address: PL 281, 00181 Helsinki
Business Identity Code: 0357606 - 4
Domiciled in Helsinki
This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.