Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"Google Client Login Error: Login Failed" since 2015/5/26 #72

Open
ArxArcher opened this issue May 27, 2015 · 21 comments
Open

"Google Client Login Error: Login Failed" since 2015/5/26 #72

ArxArcher opened this issue May 27, 2015 · 21 comments

Comments

@ArxArcher
Copy link

Hi, all
I have encountered error message "Google Client Login Error: Login Failed" since 2015/5/26.

I use "Username and Password" authentication, the google account & password are not misspelled, I can use them to login and retrieve spreadsheet data normally before 2015/5/26.

Any help will be greatly appreciated :)

@jpillora
Copy link
Owner

Uh ohhhh https://developers.google.com/api-client-library/java/google-api-java-client/client-login

Important: Do not use ClientLogin for new applications. Instead, use the more secure OAuth 2.0 authentication protocol. ClientLogin is a deprecated authentication protocol, which is being turned down on April 20, 2015. At that time, ClientLogin requests will no longer be answered. If you have existing applications that use ClientLogin, you must migrate to OAuth 2.0. The ClientLogin support in this library will be removed in the next major release.

@ArxArcher ArxArcher changed the title "Google Client Login Error: Login Failed" "Google Client Login Error: Login Failed" since 2015/5/26 May 27, 2015
@jpillora
Copy link
Owner

Seems like Google is killing client logins, this will need a documentation fix

@cosmicscr
Copy link

I'm seeing the same 'login failed' error today. I just started using this library so I thought there was something wrong with my credentials. Can this module be used with OAuth 2.0?

@jpillora
Copy link
Owner

I think you can use the Google API Console to generate a static token where you can use it like this https://github.com/jpillora/node-edit-google-spreadsheet#basic-usage

@jpillora
Copy link
Owner

Would be good if someone could confirm this process so the docs can be updated

@jpillora jpillora added the bug label May 27, 2015
@cosmicscr
Copy link

cool thanks for the tip. I'll be looking into this in the next few days and I'll let you know if I come up with anything valuable.

@RamonGebben
Copy link

Same problem here. People at my desk asking why apps don't work anymore.
Let's work on a fix that works with oAuth.

Anybody wanna make a tasklist?

@dimitrydeclercq
Copy link

The easiest way I found to fix this:

  1. Go to https://console.developers.google.com
  2. Create a project
  3. In the project, go to 'APIs & Auth' -> 'Credentials' and 'Create New Client ID'
  4. Select 'Service Account' as the type and p12 as your container
  5. Convert the downloaded p12 to PEM with 'openssl pkcs12 -in [the pem file] -out google-oauth.pem -nocerts -nodes
  6. In your code, where you do the login via user/pass change it to:
oauth : {
  email: '[mail address stated next to your created client id]', // something like '[email protected]'
  keyFile: 'google-oauth.pem' // make sure the path is correct
}
  1. Share documents with the above mail address

I think that's about all I did to get it back working

@jpillora
Copy link
Owner

@Dredalious thanks, though I'm wondering if there's a way to create a static access key

@dimitrydeclercq
Copy link

I tried finding that as well, but didn't come up with something that worked. I'm guessing the static thing is for when you have another process that retrieved the oauth token, so you can reuse it without requesting a new/other one.

@cosmicscr
Copy link

I managed to get OAuth 2 working independently, the result of which is an access token (a string) that needs to be passed along in the API urls. It seems that perhaps all we need to do is add a new authentication path in the library that just takes an OAuth 2 access token (which you obtain separately) then the library is perfectly usable again... just choose to pass in an access token. I won't be able to look into this for a few days but thought I would share this thought right away.

@tonyspiro
Copy link

Thanks @Dredalious. I found the Google way to create the pem worked for me:

https://cloud.google.com/storage/docs/authentication

$ cat /path/to/xxxx-privatekey.p12 | openssl pkcs12 -nodes -nocerts -passin pass:notasecret | openssl rsa > /path/to/secret.pem

@cybic
Copy link
Contributor

cybic commented May 28, 2015

I worked around this by:

  • Creating a OAuth clientid for "other" installed application in google developer console
  • Creating a oAuth2 token-set using https://github.com/google/google-api-nodejs-client/blob/master/examples/oauth2.js (with some simple modifications to ask for drive.readonly permissions.
  • Storing the refresh_token (and timestamp, for that matter)
  • making an accessToken function using googleapis module's google.auth.OAuth2 and the refresh token to make an access token.

Some extra steps, but in effect I get the same as login with username/password

@RamonGebben
Copy link

@cybic Do you have a fork so others could apply the work around?

@cybic
Copy link
Contributor

cybic commented May 28, 2015

@RamonGebben unfortunately I've only done it outside this module, I might be able to make a PR, though not before tonight (CEST).

@cybic
Copy link
Contributor

cybic commented May 28, 2015

@RamonGebben I managed to create a working solution, now. There are some hoops to be jumped through, but I've also provided an adapted script based on googleapis oauth2 example. The script must be edited and run to get you through the process of granting permissions using the OAuth2 mechanism.

Please, do try it, and ask if anything is unclear.

@cybic
Copy link
Contributor

cybic commented May 28, 2015

Created PR #73 from my fork.

@jpillora
Copy link
Owner

Thanks @cybic, merged and published as 0.2.19, @cybic has added a helper file to retrieve OAuth2 credentials:

See https://github.com/jpillora/node-edit-google-spreadsheet/blob/master/get_oauth2_permissions.js

// Client ID and client secret are available at
// https://code.google.com/apis/console
// 1. Create or pick a project
// 2. Choose "API & Auth" and then "Credentials"
// 3. Click "Create new Client ID"
// 4. Select "Installed application" and "Other"
// 5. Copy your ClientID and Client Secret into the fields beneath

var CLIENT_ID = '';
var CLIENT_SECRET = '';

// 6. Check if readonly permission is ok, if not change to 'https://www.googleapis.com/auth/drive'
//    ..Or find the correct scope you need here: https://developers.google.com/drive/web/scopes

var PERMISSION_SCOPE = 'https://www.googleapis.com/auth/drive.readonly'; // can be a space-delimited string or an array of scopes

// 6. Run this script: `node get_oauth2_permission.js'
// 7. Visit the URL printed, authenticate the google user, grant the permission
// 8. Copy the authorization code and paste it at the prompt of this program.
// 9. The refresh_token you get is needed with the client_id and client_secret when using edit-google-spreadsheet

I'll leave this open as many will most likely land here looking for answers. I think a simple webpage could also perform this. That way it's entirely in the browser. Anyway, this is good solution in the interim.

@cybic
Copy link
Contributor

cybic commented May 29, 2015

A webpage could also store the IDs and tokens, and you could be giving away your credentials. Using a script it somewhat more transparent.

@jpillora
Copy link
Owner

It would be hosted on this repo (gh-pages) and vetted by its contributors and could be done in very few lines so anyone could look at the source and vet it themselves.

@jpillora
Copy link
Owner

Updated examples to use oauth2. Gave the browser token generator a shot, though hit CORS issues. A Heroku-hosted version of the script would also work. Anyway, will leave it as is for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

7 participants