Basically I'm trying to get read access to an OAuth2-authenticated user's contacts, using either the Portable Contacts API <http://code.google.com/apis/contacts/docs/poco/1.0/developers_guide.html> or the full-blown Contacts API <http://code.google.com/apis/contacts/docs/3.0/developers_guide.html>. Google have recently <http://googlecode.blogspot.com/2011/03/making-auth-easier-oauth-20-for-google.html> started allowing OAuth2 <http://code.google.com/apis/accounts/docs/OAuth2.html>.
I can get access to a user's contacts via the Contacts API by first getting the user to authenticate with the scope: "https://www.google.com/m8/feeds". Then I can retrieve their first 25 contacts using jQuery (code shown is CoffeeScript <http://jashkenas.github.com/coffee-script/>):

    $.ajax
      url: "https://www.google.com/m8/feeds/contacts/default/full"
      dataType: 'jsonp'
      data: { access_token: token, alt: 'json-in-script' }
      success: (data, status) ->
        console.log "The returned data", data

That works, and I get JSON data. However, the only contacts order that Google provides (as far as I can tell) is 'lastmodified' <http://code.google.com/apis/contacts/docs/3.0/reference.html#Parameters> (am I correct with this?). I need something more like 'top friends' or 'most popular', which happens to be something that the Google Portable Contacts API can do <http://code.google.com/apis/contacts/docs/poco/1.0/developers_guide.html#RetrievingContactsWithQuery> (Yay!). Of course, I can't seem to get a successful request to work.

First, I get the user to authenticate with the Portable Contacts API by clicking this link (note the scope: "https://www-opensocial.googleusercontent.com/api/people"):

    <a href="https://accounts.google.com/o/oauth2/auth?client_id=457681297736.apps.googleusercontent.com&response_type=token&redirect_uri=http://localhost:3000/team&scope=https://www-opensocial.googleusercontent.com/api/people">Import Google Contacts</a>

That works fine, and I get an access token passed back. Next I try to send an ajax request to the Portable Contacts API:

    $.ajax
      url: "https://www-opensocial.googleusercontent.com/api/people/@me/@all"
      dataType: 'jsonp'
      data: { access_token: token, alt: 'json-in-script' }
      success: (data, status) ->
        console.log "The returned data", data

But that returns a 403 Error:

    403 (The currently logged in user and/or the gadget requesting data, does not have access to people data.

Any ideas what I'm doing wrong?
**Appendix**

I found this bug report <https://groups.google.com/forum/#!topic/oauth2-dev/bZIoduv0UOc> in the Google OAuth2 forum which advised that we need to set an authorization header when working with the Portable Contacts API. So I tried that like this:

    $.ajax
      url: "https://www-opensocial.googleusercontent.com/api/people/@me/@all"
      dataType: 'jsonp'
      data: { access_token: token, alt: 'json-in-script' }
      beforeSend: (xhr) ->
        xhr.setRequestHeader "Authorization", "OAuth #{token}"
      data: { access_token: token }
      success: (data, status) ->
        console.log "The returned data", data

But that gets me the same 403 error:

    403 (The currently logged in user and/or the gadget requesting data, does not have access to people data
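The token handling described in the post, as an added example that is not part of the original message: it builds the authorization link with percent-encoded parameters, reads the token from the redirect fragment, and places it in the "OAuth" authorization header the post mentions rather than in the URL. The function names, the client ID, and the token value are assumptions constructed for illustration, and the example does not claim to resolve the 403.

```javascript
// Added example, not the poster's code. Endpoint, scope and header scheme are
// taken from the post; function names and sample values are constructed.
const AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/auth";
const POCO_SCOPE = "https://www-opensocial.googleusercontent.com/api/people";

// Build the authorization link. URLSearchParams percent-encodes redirect_uri
// and scope, so their own ':' and '/' cannot be misread as part of the query.
function buildAuthUrl(clientId, redirectUri, scope) {
  const params = new URLSearchParams({
    client_id: clientId,
    response_type: "token",
    redirect_uri: redirectUri,
    scope: scope,
  });
  return AUTH_ENDPOINT + "?" + params.toString();
}

// With response_type=token the token comes back in the URL fragment.
// Returns null if the provider reported an error or sent no token.
function parseTokenFromFragment(redirectedUrl) {
  const fragment = new URL(redirectedUrl).hash.replace(/^#/, "");
  const params = new URLSearchParams(fragment);
  if (params.has("error") || !params.get("access_token")) return null;
  return {
    accessToken: params.get("access_token"),
    expiresIn: Number(params.get("expires_in")) || null,
  };
}

// Describe an API request that carries the token in a header, not the URL,
// so it stays out of browser history, Referer headers and server logs.
// A JSONP request is loaded through a <script> element and cannot carry
// request headers, so this shape only applies to an XHR or fetch call.
function buildApiRequest(apiUrl, accessToken) {
  const url = new URL(apiUrl);
  url.searchParams.delete("access_token");
  return {
    url: url.toString(),
    headers: { Authorization: "OAuth " + accessToken },
  };
}
```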
