Hi, I am using OAuth1.0+OpenID Hybrid protocol for authentication and everything seems working fine except for a rare scenario.
My Current Solution: 1. Perform Discovery 2. Redirect User with both OpenID and OAuth extensions to Google for Login. Something like: https://accounts.google.com/o/openid2/auth?https://accounts.google.com/o/openid2/auth?openid.ns=http://specs.openid.net/auth/2.0&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&....&openid.ext2.scope=https://picasaweb.google.com/data+https://www-opensocial.googleusercontent.com/api/people/+http://www.google.com/m8/feeds/ 3. When user authenticates himself and grant access permission, he is redirected to my returnURL with lots of his details and "openid.ext2.request_token" in request querystring (Similar to string I used in step 2 for request) 4. "openid.ext2.request_token" is extracted from 3. and exchanged for Access Token. Everything seems fine except for one scenario so far. ------------ If Picasa scope is added and I try to login with an account recently created, Step 3 fails. Instead of returning user as usual with lots of parameters in querystring, Google first redirects user to a strange URL "https://accounts.google.com/o/openid2/approval? xsrfsign=AC9jObYAAAAATpF6x6S6Ac7MfHa" which then further redirects user back to my returnURL BUT WITH NO PARAMETERS in query string. Please provide any pointer on what the issue can be? There is nothing unusual with new account and this account works fine if I remove picasa scope. Also, it works fine event with picasa in scope if I use an old gmail account. What could be the Scenario when google changes the default Hybrid protocol process flow by redirecting user to return url without any parameter? thanks, Deepak -- You received this message because you are subscribed to the Google Groups "Google Picasa Web Albums API" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-picasa-data-api?hl=en.
